Not a full blown firewall, great external or internal choke point though.
Refer to Chapter 8 of Building Internet Firewalls for a detailed
explanation of various firewall architectures.
/m
Rick Murphy <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
02/29/00 05:41 AM
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
cc:
Subject: Re: Firewall Sizing
At 04:42 PM 2/28/00 -0600, Martin H. Hoz Salvador wrote:
>I was reviewing the "Gigabit Firewalls" thread.
>
>I've seen the next URL
>(http://www.data.com/issue/990107/security1.html) where
>Fore and Checkpoint claims to have excellent throughput speeds.
As far as I can see, the Fore only supports a small subset of Firewall-1
capability. (No security servers. No user authentication. No NAT. No UDP
state tracking.) In fact, the product descriptions make it sound like all
you get at 'wire speed' is "established" checking. Firewall throughput is
important, but security should be more important, IMHO.
-Rick
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
