Apologies for the partial post if it made it out. Call me fat-fingers.
While I find all this virus talk interesting, I think there are better
forums for this discussion.
It has previously been argued here (successfully in my opinion) that the
firewall is not an effective place to employ virus protection. *PLEASE*
let's not rehash this one - go read the archives. That said, this becomes
an issue not related to firewalls, and inappropriate for this list.
Of course I can't resist one last parting shot either....
njb @ knoware . nl (Niels Bjergstrom) wrote:
>CSE introduced rule-based behaviour-blocking as the primary defence in our
>anti-virus software in 1992, and although this does carry with it some
>administration it seems to me to be a reasonable way to follow.
"Warmly" contact your nearest "almost a lawyer" for your very own behaviour
blocker. Again this is nothing new to this list. Let's move on...
Would anyone care to argue the merits of "daisy chaining" multiple firewalls
from different vendors? For example (pulling names out of a hat for
illustrative purposes), putting a Gauntlet on a screened
subnet where the packet filtering on either side is managed by Firewall-1?
Or placing multiple transparent proxies in sequence?
My take:
While this would obviously increase up-front costs and management overhead,
for the truly paranoid it would add another layer to the "onion" model, and
insulate you from any single flaw in either of the two products. Is anyone
currently doing this?
---
Stephen Goldstein steveg @ cseic . saic . com
My first computer: A 24K Atari 800, Rev. A ROMS, November 1980
Disclaimer: That's not what I said.