[TriLUG] Firewalls
Jason
jason at monsterjam.org
Mon Jul 10 18:28:18 EDT 2006
Current Firewall technology is its Fourth generation and includes such features as
Antivirus: marketing crap! IMHO, not a firewall's job, but clamd with some add-in for your smtp server
will take care of this.
(i run qmail with qmail-scanner and clamav).
Anti-Spyware: uhhh yeah, right, not the firewalls job.
Content Filtering: well, if you want to run a slow proxy server instead of a packet-filtering firewall,
sure. squid + dans guardian if you really want to.
Intrusion Prevention: kinda/sorta could be part of a firewall, but you can run snort on the same server as
the firewall and get the same benefits.
Jason
On Mon, Jul 10, 2006 at 05:44:41PM -0400, Lee Fickenscher wrote:
> I just received an "audit" report that I'm supposed to discuss at a
> meeting tomorrow. Part of that report covers my firewall. The current
> firewall is OpenBSD 3.5 (yes, a bit out of date). My question regards
> the wording of the report. It talks about "generations" of firewalls
> (first gen, second gen...) I've never heard of the term generations
> used to discuss firewalls. Has anyone heard of this term used with
> firewalls?
>
> While the auditor might have been general competent, and certainly
> was more knowledgeable about Windows than I am, I don't feel that he
> is really up on security. He recommends replacing my box with a
> Sonicwall unit, which, if I understand correctly, is just a dedicated
> Linux box. I don't see how that gains me much more than a pretty
> interface. His company is most likely a Sonicwall reseller, but I
> don't think he is even aware what the Sonicwall runs under the covers.
>
> Pertinent text follows verbatim:
>
> "Your current Firewall is a PC running a version of OpenBSD (Unix).
> This solution is a Firewall but it has only the most basic Firewall
> capabilities of NAT and port blocking. This type of Firewall was
> current technology found several years ago in first generation
> Firewalls. Current Firewall technology is its Fourth generation and
> includes such features as Antivirus, Anti-Spyware, Content Filtering,
> and Intrusion Prevention. The idea is that the more stuff you block
> at the perimeter the better your whole network will perform. The
> Sonicwall solution we are proposing also has the ability to do both
> software and hardware VPN if at a future date you wish to implement
> secure Internet connections from remote sites."
>
> Any input is appreciated (preferably constructive) particularly from
> any of the security experts out there.
>
> Thanks,
> Lee
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
--
================================================
| Jason Welsh jason at monsterjam.org |
| http://monsterjam.org DSS PGP: 0x5E30CC98 |
| gpg key: http://monsterjam.org/gpg/ |
================================================
More information about the TriLUG
mailing list