I have been in the process of evaluating various firewalls. Although the
main differences I have found to date is "ease of use"..some are pretty
easy to configure, others have proven difficult, my main concern is still
one of 'inherent security'..ie. which one is the most secure (once
configured properly of course).
Some vendors are saying that as their firewall filters look at the message
in its 'raw form' between layer 2 and 3 of the communications layer, it is
inherently more secure. Others are saying that application specific
firewalls are more secure as they examine each application in detail. Are
these different ways to skin the same cat, or is one method actually more
secure than the other?
Thanks in advance for any comments.