[TriLUG] Firewalls

Jason jason at monsterjam.org
Mon Jul 10 18:28:18 EDT 2006


Current Firewall technology is its Fourth generation and includes such features as
 
Antivirus: marketing crap! IMHO, not a firewall's job, but clamd with some add-in for your SMTP server 
will take care of this.
(I run qmail with qmail-scanner and clamav.)
Anti-Spyware: uhhh yeah, right, not the firewall's job.
Content Filtering: well, if you want to run a slow proxy server instead of a packet-filtering firewall, 
sure. squid + DansGuardian if you really want to.
Intrusion Prevention: kinda/sorta could be part of a firewall, but you can run snort on the same server as 
the firewall and get the same benefits.

Jason



On Mon, Jul 10, 2006 at 05:44:41PM -0400, Lee Fickenscher wrote:
> I just received an "audit" report that I'm supposed to discuss at a  
> meeting tomorrow. Part of that report covers my firewall. The current  
> firewall is OpenBSD 3.5 (yes, a bit out of date). My question regards  
> the wording of the report. It talks about "generations" of firewalls  
> (first gen, second gen...) I've never heard of the term generations  
> used to discuss firewalls. Has anyone heard of this term used with  
> firewalls?
> 
> While the auditor might have been generally competent, and certainly  
> was more knowledgeable about Windows than I am, I don't feel that he  
> is really up on security. He recommends replacing my box with a  
> Sonicwall unit, which, if I understand correctly, is just a dedicated  
> Linux box. I don't see how that gains me much more than a pretty  
> interface. His company is most likely a Sonicwall reseller, but I  
> don't think he is even aware what the Sonicwall runs under the covers.
> 
> Pertinent text follows verbatim:
> 
> "Your current Firewall is a PC running a version of OpenBSD (Unix).  
> This solution is a Firewall but it has only the most basic Firewall  
> capabilities of NAT and port blocking. This type of Firewall was  
> current technology found several years ago in first generation  
> Firewalls. Current Firewall technology is its Fourth generation and  
> includes such features as Antivirus, Anti-Spyware, Content Filtering,  
> and Intrusion Prevention. The idea is that the more stuff you block  
> at the perimeter the better your whole network will perform. The  
> Sonicwall solution we are proposing also has the ability to do both  
> software and hardware VPN if at a future date you wish to implement  
> secure Internet connections from remote sites."
> 
> Any input is appreciated (preferably constructive) particularly from  
> any of the security experts out there.
> 
> Thanks,
> Lee

-- 
================================================
|    Jason Welsh   jason at monsterjam.org        |
| http://monsterjam.org    DSS PGP: 0x5E30CC98 |
|    gpg key: http://monsterjam.org/gpg/       |
================================================



