Looks like classic journalism - dont confuse your readers with facts and
fill the space between advertisements.
To: 'Todd Hooper'
Subject: RE: Firewalls review in Data Comms
Date: Friday, November 24, 1995 7:55AM
"With regards to the very interesting review of different firewalls in the
Nov 95 issue of Data Communications which Ken Stephens kindly pointed out."
Its a nice table of Firewall Features and Vendor phone numbers, nothing
else! Probably the most useless piece of security journalism I've seen.
..."to conduct the most comprehensive evaluation of commercial firewalls to
date"..."And while we didn't specifically test the security provisions of
Internet firewalls, we did evaluate security in the context of our
performance and transparency tests"
.....most comprehensive evaluation that didn't specifically test security
of Firewalls! Nuff said....
"In our tests, we were unable to complete testing on two products-the
Borderware Firewall Server from Border Network Technologies Inc. (Toronto)
and Connect: Firewall from Sterling Software Inc. (Irving, Texas)-because
both required changes to our test application that we couldn't make."
.....this dispite the fact that their test suite was supposedly custom
written, and the purpose of the test was to see how the firewalls would
work with custom written applications....
"Our take on security is that it's inherently untestable: With attackers
coming up with new tricks all the time, there's no way to prove that a
firewall can withstand all forms of assault."
....so, uhhh, we won't do any testing at all???
Senior Internet Integration Engineer
com - Express @
com - 74323 .