I have had to do some performance and security testing on the Borderware
firewall product over the last couple of weeks and I have some issues
that I wanted to address here...

1) We caused a kernel panic by flooding the firewall system itself with
ping ECHO_REQUESTS at less than T-1 bandwidth...

2) The default configuration loads a web server on port 80 for the
entire world to see...

3) The firewall doesn't discriminate between internal and external hosts
when it proxies (i.e., with a poor setup (the default setup), I can set
the proxy in my browser to the external interface of the proxy, then try
to go to the internal interface, and the firewall will proxy me
there... Another interesting side effect of this was that you can get
packets to the web management port 442).

Based on these results, I can't see how I would ever sully my reputation
by recommending this product. Has anyone ever dealt successfully with
this product... Specifically, does anyone with Firewall-1 experience care
to comment on a comparison? My comparison's results should be pretty
obvious by now...

Thanks for your help and your advice,
Jesse
--
***********************************************************************
Jesse Whyte EAC Network Integrators
Security Analyst Trumbull, CT
jesse @ eac . com http://www.eac.com
(203) 371-2441