Re: Belkin not-real-firewall?

"Anders Arnholm" <Anders+news@Arnholm.nu> wrote in message
news:slrne24nfu.d5b.Anders+news@tika.arnholm.se...
>> Well what can I say about it? I didn't write it. It's good enough as far
>> as I am concerned.
>
> Personally think the more common short version is better :-)

Personally I think the one I am presenting is better. So there you go tic
for tac I guess.

>
>> But as far as some standalone solution hardware or software, it had
>> better be able to do all of what's in that link I provided. Otherwise, I
>> don't consider it to be a FW. And I am not including PFW(s) in that
>> definition.
>
> But the linked text if long and not specific, especially in the parts
> about alerting and so on. There are a many possibilites, some good
> some bad and how much must be in the solution before it's a firewall?
> If I don't look at the log's does it stop being a firewall? If it logs
> to some own obsure stuff that no one can understand? And so on, is
> logging critical for it to be a firewall, or just to be a good
> firewall?

If it's not doing what is it doing in that link, then as far as I am
concerned, it's not a network FW solution.
And I'll leave it at that.

>> As far as secured machines behind any FW solution, that's another matter
>> altogether that has nothing to do with FW functionality.
>
> No but it has to be included in the demands on the FW.

What? If the FW is host based I'll agree that other measures have to be
taken in the security of the O/S for FW running on a gateway solution.

It's not the job of the gateway FW solution to be some kind of security
solution for workstations or servers behind the solution other than
protecting the network from outside intrusion. That's the demand for the
most part for a network FW solution I see, because if it were more than
that, the machines behind them would not be compromised and they are being
compromised mainly due to user activities.

Duane :)
Received on Mon May 1 01:01:55 2006