Great Circle Associates Firewalls
(May 1997) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: [FW1] [FW-1] [Solaris 2.6] DHCP, VLSM thoughts
From: Eric Deschamps <Eric . Deschamps @ France . Sun . COM>
Date: Tue, 6 May 1997 12:12:55 +0200 (MET DST)
To: Marc Mosko <marc @ tear . com>
Cc: "Marc D. Jackson" <dechon @ CS . Stanford . EDU>, Eric . Deschamps @ France . Sun . COM, Jerald . Josephs @ Ebay . Sun . COM, firewalls @ GreatCircle . COM, fw-1-mailinglist @ us . checkpoint . com, drexx @ pspi . com . ph
In-reply-to: "Your message with ID" <336E7325 . B14CADEA @ tear . com>
Reply-to: Eric Deschamps <Eric . Deschamps @ France . Sun . COM> 
> 
> In respect to a firewall, you can run gated instead of routed.  HP/UX
> and IRIX both ship w/ gated (as do others).  Sun still only ships
> routed.  Gated will do OSPF.  Firewall-1, for instance, can be
> configured to allow OSPF through to the kernel.
> 
> -- 
>    Marc Mosko                   Email: marc @
 tear .
 com
>                                 Web:   http://www.tear.com/

I am not sure that a firewall should deal with routing at all (and with other
stuff as well). I like the idea of building a perimeter defense with a
firewall doing only filtering (with states engines) and having some proxies
for specific applications.

Eric
--
Disclaimer: This is my own opinion and not necessarily that of my
employer, Sun Microsystems.
Follow-Ups:
References:
Indexed By Date Previous: Re: [FW1] [FW-1] [Solaris 2.6] DHCP, VLSM thoughts
From: Eric Deschamps <Eric . Deschamps @ France . Sun . COM>
Next: Re: Need to restrict http://www.nude.com and such
From: Ziv Dascalu <ziv @ AbirNet . com>
Indexed By Thread Previous: Re: [FW1] [FW-1] [Solaris 2.6] DHCP, VLSM thoughts
From: Marc Mosko <marc @ tear . com>
Next: Re: [FW1] [FW-1] [Solaris 2.6] DHCP, VLSM thoughts
From: Adam Safier <asafier @ csc . com>
Google
 
Search Internet Search www.greatcircle.com