Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Open Source vs Proprietary

from [Mike Thompson] Network Security [Permanent Link]
Subject: RE: Open Source vs Proprietary
Date: Fri, 10 Jun 2005 10:42:50 -0400 
Do people just buy firewalls because they can't be bothered to

learn to set up Open Source systems, or is there more to this that I'm
missing?

 
I think the answer the would be most asked is what are the needs that
you are trying to fill. If you have the time and are not worried about
PPS.One things it guys get stuck on is  not the whether or not you can
but should you? 

If I am managing  a IT department or I am the CTO, CEO or CIO then I
want the most secure, least time consuming product in place to meet my
needs. I don't wouldn't care about the pride of the IT guy because he
wants to do something new. You can order, install and provide confidence
by installing a PIX. At least there is corporate accountability.  Your
time has a price on it too.  

If this is about academia then yes people should learn how. But if this
is business, chances are the IT guy is not going to make the decision on
where his time is spent.  
 
I have a general rule if any thing is inline the I go with something
that is disk less and ASICS based. If I want to Do something that is not
mission critical you have the extra time to spare and I can afford to
have down time then I go with the pc based products.

Mike.    

________________________________

From: Joseph (Joe) Lynn [mailto:Joe.Lynn@tiniusolsen.co.uk] 
Sent: Thursday, June 09, 2005 12:33 AM
To: firewalls@securityfocus.com
Subject: Open Source vs Proprietary



Hi all,

 

Sorry everyone, forgive my ignorance, but I'm still a bit confused on
these issues - I don't understand why anyone would buy a firewall that
has a cost associated with it rather than just taking a bog standard pc
and installing an open source firewall on it, such as IPCop or OpenBSD
PF.

 


From the responses to my post about IPCop and the messages about

OpenBSD, it looks like these options are as secure as you're going to
get.

 

Perhaps it might be easier to configure proprietary firewalls, and they
might give better logging and analysis options, but presumably,
certainly with IPCop, and I would assume, with OpenBSD, you can find
adequate Open Source options that will provide any of the functions that
the other firewalls do (with the exception of ISA2004, which sounds like
it works with the applications rather than the packets....) - like e.g.
snort.

 

Do people just buy firewalls because they can't be bothered to learn to
set up Open Source systems, or is there more to this that I'm missing?

 

Many thanks,

 

Joe
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Watchguard!, Abel Lucano
Next by Date:  Re: Open Source vs Proprietary, Jason Dixon
Previous by Thread:  Re: Open Source vs Proprietary, Fredrik Widlund
Next by Thread:  RE: Open Source vs Proprietary, Conlan Adams
Indexes:  [Date] [Thread] [Top] [All Lists]