Re: Wrt54G is a FW appliance?
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Wrt54G is a FW appliance?

From: Floyd L. Davidson <floyd@apaflo.com>
Date: Mon Aug 01 2005 - 00:01:26 CEST



Leythos <void@nowhere.lan> wrote:


>


>Just because someone comes out with ...



... more simplistic /non/-/sequiturs/ doesn't make it valid.



>You seem to be asking me, and all of us, to believe that something is a


>quality firewall without any certification - and I don't know many people


>that are willing to risk their business reputations on unproven solutions


>without independent confirmation.



Point in fact: OpenBSD is widely reputed to be the most secure


system commonly available.



  1) No system using it is certified by your "reputable"


     certification agency.



  2) OpenBSD itself is not certified by your "reputable"


     certification agency.



>From that we can draw two obvious conclusions:



  1) Lack of said certification means nothing.



  2) Your logic is invalid.



More verbosely, that means you *can* use ICSA certification to


suggest that a particular certified device is probably suitable;


but you *cannot* say with any validity that a non-certified


device is therefore unsuitable (which is what you have stated).



Regardless, none of this applies to the OP's original question,


which had *nothing* to do with some technical level of quality


for a firewall.  He asked if Linksys equipment is any different


than the Watchguard devices marketed as "FW appliances".  The


answer is that there is no difference.  Several of the


Watchguard devices (which are not ICSA certified either) that


are marketed as "FW appliances" have virtually identical or


lesser capabilities than the Linksys device specified.



By *any reasonable* definition they are all firewalls.  Whether


they are top of the line, fully featured, or the most secure, is


of course neither here nor there in regard to the OP's question.



What the OP has been falsely claiming, and you and at least one


other person seem to being supporting, is that because the


*high* *end* Watchguard devices are high quality the low end


devices are therefore acceptable by default; and then you do not


extend the same bypass to Cisco's low end devices apparently


because they use the Linksys brand name.



The fact is...  the WRT54G is a better firewall than the


equivalent Watchguard devices, and comes at a significantly


lower cost too.  They are *both* suitable for many or most SOHO


needs, and neither are suitable for any network that requires


the best firewall technology available.



-- 
Floyd L. Davidson            <http://www.apaflo.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@apaflo.com


Received on Thu Sep 29 19:59:59 2005