> From: Russ <Russ .
Cooper @
RC .
Toronto .
on .
ca>
> Subject: RE: Raptor's Eagle Firewall
>
> What if I don't want a Firewall Administrator, what if I want to use my NOS
> Administrator? What if I have a small company who cannot afford a dedicated
> Firewall, or a dedicated Firewall Administrator?
You get what you pay for.
> Anyway, you've made my point again. If its going to be an NT-based
> Firewall, it should incorporate NT into its functionality, otherwise, we
> shouldn't be looking at the NT version and instead should be considering
> the original UNIX version. Both Raptor and Centri are ports of UNIX
> products to NT. The point is, if the objective of the port was merely to
> duplicate the Firewall environment running on top of NT, its ill conceived.
NT is a marketing reality to all applications vendors. Current firewall design
minimizes dependance on operating system security. The whole idea behind
firewalls is to have tightly controlled code. It is the instability and
poor security design of present operating systems that necessitate firewalls
in the first place.
> Fine, I agree. Account Administration, however, is not unnecessary
> functionality. Neither is interface commonality. If the program is going to
> present a window with menus, and its going to run on NT, then why not use
> the NT routines to create the windows and the menus?
1. Because they might have bugs?
2. Because they might change resulting in an undiscovered change in reliability
and security.
I agree with you that it would be nice if a firewall application could be
written and administered like any other application. But I don't think its
realistic or advisable.
Gary Flynn
Network Manager
James Madison University
Follow-Ups:
|
|
