Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Choosing a firewall (was Re:firewall suggestion)

from [Kevin] Network Security [Permanent Link]
Subject: Choosing a firewall (was Re:firewall suggestion)
Date: Tue, 22 Feb 2005 18:20:34 -0600 
On Thu, 17 Feb 2005 09:17:46 +0000, tom.farrar@it-ps.com
<tom.farrar@it-ps.com> wrote:

The PIX 515 is far superior to netscreen's,


Do either PIX or Netscreen do full fragment reassembly yet?



full stop(.) - by concurrent connections or VPN tunnel, or even throughput.


Do you choose your firewall vendor/platform based primarily on best case
claims for throughput, concurrent connections, and VPN tunnels?

Just playing devil's advocate here, but shouldn't security appliance selection
be driven by the *security* features implemented by each vendor?  I'd hope
that all vendors are pretty much on equal footing in the arena of stateful
inspection packet filter features, and the real differentiation would be in
layers 5-7, with buzzwords like signature scanning and protocol anomaly
detection and "application layer" attack mitigation taking center stage.

I see PIX has just now added "deep inspection" for a handful of protocols,
Netscreen has twice as many listed in their marketing literature.

Kevin Kadow
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Web traffic cleansing, Viancos, Jose
Next by Date:  RE: Nokia IP130 support for 31 bit mask, Cameron . Dry
Previous by Thread:  Re: firewall suggestion, charles antrim
Next by Thread:  RE: Choosing a firewall (was Re:firewall suggestion), Tom Farrar
Indexes:  [Date] [Thread] [Top] [All Lists]