Re: Belkin not-real-firewall?

Duane Arnold <NotME@NotME.com> skriver:
>> Personally think the more common short version is better :-)
> Personally I think the one I am presenting is better. So there you go tic
> for tac I guess.

Thats one of the problems with a non defined vocabulary. The problem
with your long definition (that have a list good things to have in a
firewall) is that it leaves open for real firewalls and other
something without name, e.g. maybe bad firewalls.

>> No but it has to be included in the demands on the FW.
> It's not the job of the gateway FW solution to be some kind of security
> solution for workstations or servers behind the solution other than

I think that when desinging firewall solutions one has to take what
machines and what security solutions they use into consideration. A
firewall for a network with one OpenBSD webserver, (propperly closed
down with competent admins) need less consideration thatr a firewall
for a mixed company with different maybe not competenty persosn
running services on there laptops.

In the first situation someting thats cleans out spoofing might be all
needed to be done. All network traffic except spoofed fraffic may
flow. In the second situation more work have to be added to the
design.

/ Balp

-- 
http://anders.arnholm.nu/			     Keep on Balping