The PIX doesn't block port scans??? My take on the buffer overflow blocking is that it sounds like a marketing angle more than anything. It can only work as well as some database is being kept current by the firewall vendor. If you stay on top of SW updates you'll probably be protected as well as or better than the firewall. If you don't stay on top of updates and patches then you're playing Russian roulette and counting on the firewall vendor to not screw it up.
----- Original Message ----- From: "Mark W. Breneman" <[EMAIL PROTECTED]> To: "CF-Talk" <[email protected]> Sent: Wednesday, January 12, 2005 8:29 AM Subject: Firewall for CF server >I am spec-ing out software for a new windows 2003 CFMX server. I >currently > use black ice server ($300) on my other servers for its packet > inspecting. I > like many of its features like Buffer overflow attempt > monitoring/blocking, > Repeated FTP login attempt monitoring/blocking, Port scan > monitoring/blocking etc... Sadly according to the sales rep for IIS.net > they > are discontinuing black ice. The replacement product is about the same > price of the new dell rackmonut server we would put it on. I fear the > new > product is a few $1000 out of our price range. > > What do the rest of you use for software firewall / packet inspection? > > FYI, The servers are also behind a Cisco pix firewall. I state this just > to > preemptively answer the question. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:190125 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
