Re: Speed of firewall with AV/DI


comp.security.firewalls archive

From: Somebody. <somebody.@spamout.russdoucet.com>
Date: Fri Sep 30 2005 - 15:55:38 CEST

"Mark" <nothere@notthere.com> wrote in message
news:433ca5db$0$6854$bb4e3ad8@newscene.com...
> "CCMiami" <nospam@modeldriven.org> wrote in message
> news:pQc_e.71344$Cc5.40250@lakeread06...
> If you want a COMPLETE UTTERLY SECURE FROM VIRUSES BEYOND YOUR WILDEST
> DREAMS network then investigate using a combination of Zoning, IPS/GAV,
> and a switch that supports Multi-VLAN segmenting. The Allied Telesyn
> 8524M does this. It allows you to stop LAN clients talking to each other
> and thus spreading nasties.
>
> What you do is throw all your desktops and laptops into a LAN zone, your
> servers into a SERVER zone and IPS/GAV between the zones. Because the
> switch blocks the clients talking to anything but the Sonicwall they can't
> spread nasties. You can do it on a TZ170 with the enhanced OS, but you
> have to watch your throughput versus $$$ versus security ;)

I love statements like that "utterly secure ..etc".

No gateway device provides that unless it can detect viruses in pipes,
Kazaa, fragmented email messages, encrypted tunnels etc... which is
impossible. Not to mention zero-day viruses.

Also, are you planning on creating a separate VLAN for every single client?
Have you ever tried to run a network bigger than 5 or 10 users that way?

-Russ.
Received on Sat Oct 15 04:35:41 2005