[TriLUG] Firewalls

Lee Fickenscher elfick at mac.com
Mon Jul 10 17:44:41 EDT 2006


I just received an "audit" report that I'm supposed to discuss at a  
meeting tomorrow. Part of that report covers my firewall. The current  
firewall is OpenBSD 3.5 (yes, a bit out of date). My question regards  
the wording of the report. It talks about "generations" of firewalls  
(first gen, second gen...). I've never heard of the term generations  
used to discuss firewalls. Has anyone heard of this term used with  
firewalls?

While the auditor might have been generally competent, and certainly  
was more knowledgeable about Windows than I am, I don't feel that he  
is really up on security. He recommends replacing my box with a  
Sonicwall unit, which, if I understand correctly, is just a dedicated  
Linux box. I don't see how that gains me much more than a pretty  
interface. His company is most likely a Sonicwall reseller, but I  
don't think he is even aware what the Sonicwall runs under the covers.

Pertinent text follows verbatim:

"Your current Firewall is a PC running a version of OpenBSD (Unix).  
This solution is a Firewall but it has only the most basic Firewall  
capabilities of NAT and port blocking. This type of Firewall was  
current technology found several years ago in first generation  
Firewalls. Current Firewall technology is its Fourth generation and  
includes such features as Antivirus, Anti-Spyware, Content Filtering,  
and Intrusion Prevention. The idea is that the more stuff you block  
at the perimeter the better your whole network will perform. The  
Sonicwall solution we are proposing also has the ability to do both  
software and hardware VPN if at a future date you wish to implement  
secure Internet connections from remote sites."

Any input is appreciated (preferably constructive) particularly from  
any of the security experts out there.

Thanks,
Lee


