Firewalls: Raptor/PIX/FW-1 & Citrix

Firewalls
(August 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Raptor/PIX/FW-1 & Citrix
From:	Eric Schrauth <smmj @ MO . NET>
Date:	Thu, 7 Aug 97 09:39:02 Central Daylight Time
To:	firewalls @ greatcircle . com

I had been reading with interest the messages regarding the Citrix Winframe product, but they 
have kinda dried up.  I have a question relating to the Raptor, PIX and FW-1 products and 
Citrix.  According to my vendor(s), to use any of the software firewalls (Raptor & FW-1) with 
Citrix, you have to disable the ability of the firewall to examine the packet in depth, and just 
let the packet pass through the firewall based upon what port it is coming from.  I am unsure of 
the way that the PIX handles it, but assume is similar.  One of the advantages (I thought) to 
using the software firewall was that I did this extensive level of verification.  My question is 
if you disable this feature, why do you need to have the software firewall instead of some other 
solution.  It is not the cheapest way to do things.  Have I given enough information to the 
group to talk about this intelligently?

Follow-Ups:

Re: Raptor/PIX/FW-1 & Citrix
From: Matt Wallace <matt @ ender . com>

Indexed By Date	Previous:	<fyi> Firewall Appliances From: Vin McLellan <vin @ shore . net>
Indexed By Date	Next:	Re: Mail bombing made legal... From: Richard Pouncy <prc @ Noah . rtscomp . com>
Indexed By Thread	Previous:	<fyi> Firewall Appliances From: Vin McLellan <vin @ shore . net>
Indexed By Thread	Next:	Re: Raptor/PIX/FW-1 & Citrix From: Matt Wallace <matt @ ender . com>