We are in the middle of a great debate as to the proper way to firewall 15
remote sites. We need to essentially open dedicated lines to our partners
to allow incoming/outgoing FTP, X.400, and SMTP. One camp says ACLs in
routers will be sufficient, another says stick with Firewall-1 and
proliferate it like hell. The cost difference network-wide between the two
approaches is huge.
Where can I find an (authoritative) threat analysis that describes the
vulnerability of router-based static ACLs (non-stateful inspection)? Also,
what methods (toolsets) are available to launch attacks through a router
configured with ACLs? Any advice, suggestions, etc. appreciated.
Thanks in advance.