comp.security.firewalls archive
Re: what are 'host -based' vs OS-based firewalls?
Date: Fri May 27 2005 - 11:37:28 CEST
xz wrote on 26 May 2005 13:02:30 -0700:
>
> Ya I know what firmware is - I've updated firmware quite a few times
> too on a variety of machines. I'm trying to think, what kind of
> firewall is firmware based :) ? I can't imagine it, but it must exist
> :)
How about the nForce4 chipset with built-in firewall? That would be firmware
based.
> secondly, I don't understand why a firmware-based firewall is not
>
> scaleable, whereas OS-based f.wall is scaleable.
I guess a firmware based one is limited by the chipset it's running on (eg.
it would only have limited space to hold rules and current connection
states). You can't upgrade the chipset, you can only replace it. However, an
OS-based firewall might be able to scale to new hardware (faster processor,
more RAM, etc.).
Dan
Received on Thu Sep 29 19:53:05 2005