On Tue, 29 Feb 2000, Frederick M Avolio wrote:
> This is, by the way, one of the kinds of problems cited by those of us who
> believe that stateful inspection firewalls are generally insufficient for
> serious security.
This particular problem is also suspected to affect AGs too, correct?
> Every time you read marketing literature about how a
> Firewall-1 firewall is "application aware" think about this. Every time you
> read about all of the services that are "handled" by the firewall, think
> about this. This is the sort of thing that is difficult to get right in a
> packet screening firewall unless you are dedicated to rewriting TCP/IP in
> the content filtering engine.
>
And I know you're aware that FW-1 includes traditional proxies. FW-1 does
many things wrong, but I don't know why you don't stick to those, instead
of creating FUD.
Ryan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
