Brent, here is something to post if you'd like...
Free Firewall Product Analysis on the Web
SAN FRANCISCO -- The Computer Security Institute (CSI) released today its third
annual "Firewall Product Matrix." It couldn't be more timely. The results of the
recent "1997 CSI/FBI Computer Crime and Security Survey" showed a 10% rise in
the number of respondents reporting their Internet connection as "a frequent
point of attack."
The "1997 CSI Firewall Product Matrix" is World Wide Web-based (http://
www.gocsi.com) and provides the most extensive free firewall information
available via the Internet. Designed by CSI's Internet/Intranet security
intructor and noted author Rik Farrow, this year's matrix delivers the goods on
35 firewalls from 30 vendors. Over thirty categories of firewall functionality
are detailed; everything from administrative interfaces to user authentication
to customizable alarms to encryption algorithms is explored. In an insightful
analysis which accompanies the matrix, Farrow delineates the pros and cons of
different types of firewalls, comparing the strengths and weaknesses of
"application gateways" versus "stateful inspection."
"This year's firewall products center around two competing technologies,
application gateways and stateful inspection. Most products weigh-in with
application gateway-based firewalls, but the market leader, Checkpoint
Software's FireWall-1, relies on stateful inspection. Each technology has its
advantages and disadvantages."
CSI Editorial Director Richard Power sees the "1997 CSI Product Matrix" site
as a vital resource for the Internet community.
"There is no authority for firewall evaluation recognized by the leading
Internet security experts and there won't be anytime soon. Those who rely on
certification schemes based on the running of a few widely available suites of
tools may well experience a new kind of sticker shock. The stakes are very high.
It is imperative that network and Internet professionals both develop their own
in-house expertise and have independent resources to avail themselves of. We've
designed this site to provide only the best in firewall editorial analysis. And
it's free to everyone, including the firewall vendors."
To supplement the matrix and its accompanying analysis, CSI has provided an
archive of fascinating documents from leading firewall savants, including Farrow
on "Choosing a Firewall with the Right Stuff," Marcus Ranum of V-One Corporation
(Rockville, MD) on "How NOT to Build a Firewall," Ranum and Andrew Molitar of
Network Systems (Minneapolis, MN) in a Point/Counterpoint on "What Kind of
Firewall to Buy?" and Gene Schultz of SRI International (Meno Park, CA) on "How
to Test Firewalls." All these practical and timely pieces are excerpted from
recent issues of the Computer Security Journal, a bi-annual CSI publication.
The site also provides links to other important firewall and Internet
security resources on the Web, including Brent Chapmann's Great Circle Firewalls
mailing list and Gene Spafford's COAST Labs.
The URL to access the site is http://www.gocsi.com.
CSI, established in 1974, is a San Francisco-based association of
information security professionals. It has thousands of members worldwide and
provides a wide variety of information and education programs to assist
practitioners in protecting the information assets of corporations and