> From firewalls-owner @
GreatCircle .
COM Wed Mar 1 16:47 EST 1995
> Date: Wed, 1 Mar 1995 13:38:06 -0700
> From: Jean .
Lehman @
West .
Sun .
COM (Jean Lehman [Sun Los Alamos Consultant])
> To: Firewalls @
greatcircle .
com
> Subject: packet filtering vs application based firewalls
>
>
> please reply to me directly since I am not on this alias....
>
> does anyone have a strong opinion about the advantages/disadvantages
> of a packet filtering firewall system (e.g. checkpoint) over
> an application based firewall (e.g. sidewinder)?
>
> thanks in advance,
>
> jean
>
> ----------------------------------------------------------------------
> Jean Lehman, SE, Sun Microsystems
> jean .
lehman @
west .
sun .
com 505-662-4767
> 2075 Trinity Drive Suite 300
> Los Alamos, NM 87544
>
> Teach children to be polite and courteous in the home, and, when
> they grow up, they will never be able to edge their car onto a
> freeway.
Well, I guess it depends on what level of protection you need. In my
opinion packet filtering firewalls are not worth much beyond a tinkers
damn. Application firewalls can also be dangerous unless you keep
everything but the OS and the firewall code, off the machine, but by
far better that the others. If you are serious (and IMNSHO you can't
be too serious if you are considering FW-1) about security I'd look
at:
SCC's Sidewinder ~ $40K
DEC's SEAL ~ $35K (I think)
Raptor's Eagle ~ $25K
TIS's Gauntlet ~ $15K
My opinion is that the best value lies in the bottom two.
rmck
|
|
