>> Brian W. McKenney wrote:
>>I am looking for information on commercial off-the-shelf (COTS) encryption
>>products that can be used to provide firewall-to-firewall encryption
>>(node-to-node). The device would encrypt based on source/destination
>>address and if possible by network service (port).
>>
>>One of our customers has a network of firewalls and they would like to
>>protect their network traffic over the Internet (firewall-to-firewall) but
>>still be able to communicate with the outside world. The firewall
>>configuration is the same at each of the nodes. At the present time, a
>>user must go through a challenge/response sequence at each firewall. The
>>customer is exploring security technologies that could eliminate the need
>>for a challenge/response dialogue at each firewall.
> ----
>Careful here. In my conversations with various vendors, it is not certain
>that firewall-to-firewall encryption, as currently designed, will work
>between different vendors of firewalls. This probably isn't a concern for
>your customer as you imply that all of their firewalls are identical (same
>vendor).
Bill, as my note stated, each of the nodes has the same firewall
configuration (same firewall hardware, software). We don't have to worry
about a product that has to work with heterogeneous firewall
configurations.
-Brian