[TriLUG] Firewalls

Eric H Christensen kf4otn at ericsatcom.net
Mon Jul 10 17:54:55 EDT 2006


Lee,
While I have to agree with the auditor when he says that blocking Spam,
viruses, etc. at the perimeter is important, I can't say that you
couldn't do something similar with what you currently have.  I'm kind of
iffy on using the all-in-one firewall solutions, but that's just me.  I
know of quite a few companies that use them and haven't had any
problems.  I can just see trouble coming down the road...

If I were in your shoes I'd investigate solutions (open source?) that
could be implemented to help step up your security.  I'd shy away from
buying what everyone else is buying simply because that puts your
network at risk.  If a hacker knows how to bypass the most popular
firewall (and I have to say that SonicWall has to be one of them) then
s/he is more likely to start attempting attacks on multiple networks
using that knowledge.

Just my 2-cents worth (which is about what it is worth).

Eric



Lee Fickenscher wrote:
> I just received an "audit" report that I'm supposed to discuss at a
> meeting tomorrow. Part of that report covers my firewall. The current
> firewall is OpenBSD 3.5 (yes, a bit out of date). My question regards
> the wording of the report. It talks about "generations" of firewalls
> (first gen, second gen...) I've never heard of the term generations used
> to discuss firewalls. Has anyone heard of this term used with firewalls?
> 
> While the auditor might have been generally competent, and certainly was
> more knowledgeable about Windows than I am, I don't feel that he is
> really up on security. He recommends replacing my box with a Sonicwall
> unit, which, if I understand correctly, is just a dedicated Linux box. I
> don't see how that gains me much more than a pretty interface. His
> company is most likely a Sonicwall reseller, but I don't think he is
> even aware what the Sonicwall runs under the covers.
> 
> Pertinent text follows verbatim:
> 
> "Your current Firewall is a PC running a version of OpenBSD (Unix). This
> solution is a Firewall but it has only the most basic Firewall
> capabilities of NAT and port blocking. This type of Firewall was current
> technology found several years ago in first generation Firewalls.
> Current Firewall technology is its Fourth generation and includes such
> features as Antivirus, Anti-Spyware, Content Filtering, and Intrusion
> Prevention. The idea is that the more stuff you block at the perimeter
> the better your whole network will perform. The Sonicwall solution we
> are proposing also has the ability to do both software and hardware VPN
> if at a future date you wish to implement secure Internet connections
> from remote sites."
> 
> Any input is appreciated (preferably constructive) particularly from any
> of the security experts out there.
> 
> Thanks,
> Lee
