| Has anyone had any experience with IBM's NetSP Secured Network Gateway?
| Anybody want to make any comments about it? positive? negative?
The product manager was kind enough to send me a copy of the
manual. (Scott Baumann (sbaumann @
com)) Its a socks based
bastion system, with support for several smartcards systems. It runs
on an rs/6000, with aix 3.2.5.
Overall, it seemed to be a decent system. It used code from
outside IBM, and seemed to be a decent first pass at building a
firewall. I had a number of criticisms, which I'll mention, but it
did seem to be a decent basis on which to build.
1. Its a SMIT installable image. Theres very little said
about cutting down AIX bloat & suid's. The manual does mention
cutting whats in inetd.conf. However, I think AIX is way too big to
2. It uses IBM's sendmail. Not ucb 8.6.9, not smap, smail or
anything else, but sendmail.
3. Nothing like tripwire seems to be included.
4. No high speed network adapters (I noted a lack of FDDI and
5. The manual didn't cover testing enough.
"It is seldom that liberty of any kind is lost all at once."