Great Circle Associates Firewalls
(September 1995) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Re[2]: FireWall software.....who's the best?? -Reply
From: Darren Reed <avalon @ coombs . anu . edu . au>
Date: Mon, 25 Sep 1995 23:26:28 +1000 (EST)
To: REBowes @ smtpgate . read . tasc . com (Robert E. Bowes)
Cc: firewalls @ GreatCircle . COM
In-reply-to: <s0666b6e . 065 @ smtpgate . read . tasc . com> from "Robert E. Bowes" at Sep 25, 95 08:41:37 am 
In some mail from Robert E. Bowes, sie said:
> 
> One of the major advantages of proxy servers is strong user
> authentication at the firewall, before gaining access to internal
> hosts.  Can a packet filter do this?  I don't think so.
> 
> Bob

Correct me if I'm wrong, but it seems that those who see major deficencies
are more interested in what happens to data going _in_ than data going out.

And this is where I think the mix is important:

It is more desirable to have _everything_ proxied going in whereas for
people making connections to external services, the proxy is more of an
inconvienience and neither is the threat as great (from the outside
world).

Comments ?

darren
Follow-Ups:
References:
Indexed By Date Previous: Re: Top 10 things learned at USENIX LISA
From: scs @ lokkur . dexter . mi . us (Steve Simmons)
Next: Re: Token Ring Firewalls?
From: Dermot Tynan <dtynan @ fws . ilo . dec . com>
Indexed By Thread Previous: Re: Re[2]: FireWall software.....who's the best?? -Reply
From: "Robert E. Bowes" <REBowes @ smtpgate . read . tasc . com>
Next: Re: Re[2]: FireWall software.....who's the best?? -Reply
From: Dermot Tynan <dtynan @ fws . ilo . dec . com>
Google
 
Search Internet Search www.greatcircle.com