Firewalls: Re: How secure is Ascend?s Secure Access Firewall

Firewalls
(August 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: How secure is Ascend?s Secure Access Firewall
From:	dsulser @ leosec . saic . com (David Sulser)
Date:	Wed, 14 Aug 1996 12:00:09 -0400
To:	firewalls-digest @ GreatCircle . com, renec @ futurus . com

 
> 	Ascend has recently come out with a really effective firewall which is a
> software option for many of their routers.  From the marketing spec, it
> looks like a modified approach on a packet filtering technology and it's
> clearly states that is not proxy based.  Any thoughts on how secure it may be?
> 
> Rene
> 

Sure. It is derived from the Morningstar firewall router technology
which they recently acquired. Morningstar's modus operandus is the
"dynamic packet filter."  According to the Morningstar tech reps I
spoke to, their filters open a given port(s) only when the router CPU
sees an authorized connection request. The filter stays open for the
duration of the session and then goes away. The ports do not remain
open by default. Great for reducing ports scannable from the outside to
a minimum.

This approach offers more security than classical packet filtering
(static filters). It does not offer the kind of control and granularity
you get with an application gateway firewall. The Morningstar
technology will probably do better now thanks to Ascend's market
position.

Regards,
David

Indexed By Date	Previous:	Re: How secure is Ascend's Secure Access Firewall From: "Irwin Lazar" <lazar @ netevolve . com>
Indexed By Date	Next:	Re: NT Firewalling From: "Fernando da Silveira Montenegro" <silveira @ nutec . com . br>
Indexed By Thread	Previous:	How secure is Ascend?s Secure Access Firewall From: Rene Campbell <renec @ futurus . com>
Indexed By Thread	Next:	Question about Web sizing From: jorge_triana @ es . adp . com (Jorge Triana)