Firewalls: Re: Firewall design - routers and commercial kit

Firewalls
(January 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Firewall design - routers and commercial kit
From:	jim @ SmallWorks . COM (Jim Thompson)
Date:	Thu, 11 Jan 1996 01:30:14 -0600
To:	dannyc @ gmap . leeds . ac . uk, firewalls @ GreatCircle . COM

>  Seems to me the obvious way (sort of) to do this is to use a screened subnet
>arrangement.  Ok .. fine.  Am I duplicating kit doing this ?  That is, by using
>an exterior and interior router to create a screened net off which would hang
>the commercial firewall etc, am I duplicating the routing function of the
>commercial firewall or don't they have the same level of control over routing
>as a CISCO would for example ?

Some firewalls do.  (NetGate and Firewall-1 do.)  Actually, you can get better
control with some of these than you can with a Cisco.  For instance, you can't
filter on ICMP type and code with Cisco's access lists...

Jim

Indexed By Date	Previous:	RE: firewalls reviews/comparisons From: Rabid Wombat <wombat @ mcfeely . bsfs . org>
Indexed By Date	Next:	RE: MITNICK & THE TCP SEQUENCE NUMBER ATTACK ON SHIMOMURA (L From: gblolmxb @ ibmmail . com
Indexed By Thread	Previous:	Firewall design - routers and commercial kit From: Danny Cox <dannyc @ gmap . leeds . ac . uk>
Indexed By Thread	Next:	Re: Firewall design - routers and commercial kit From: Rick Smith <smith @ sctc . com>