Hmmm, that link you attached didn't really have anything to do with
large rulebases. Besides, I've worked on CP firewalls that have 200+
rules, 600+ translation rules, and many thousands of objects, and rulebase
compilations have never taken longer than 5 minutes. Not that I recommend
a monster rulebase like that, its too large to manage, but we've been doing
that since 3.0a without trouble.
-p
"Those who would give up essential liberty for temporary safety deserve
neither liberty nor safety" - Benjamin Franklin, 1759
[EMAIL PROTECTED]@Lists.GNAC.NET on 11/30/2000 01:21:25 AM
Sent by: [EMAIL PROTECTED]
To: "Larry Paul" <[EMAIL PROTECTED]>, "Saso Virag" <[EMAIL PROTECTED]>
cc: "firewalls_list" <[EMAIL PROTECTED]>
Subject: RE: Emily's response to the rumors
But here is an interesting tidbit: a 175+ rules rulebase with about 4,000
objects. From the GUI, will take almost an hour to compile and load the
policy.. Not sure if this has been addressed in the latest service pack or
not...
Refer to a discussion thread
http://www.securityportal.com/list-archive/firewall-wizards/2000/Sep/0161.html
At 10:59 PM 11/29/00 -0600, Larry Paul wrote:
>The Universe produces them faster & faster. (us idiots) Security expert:
>Yesterday I couldn't spell it, today I are one :>) Another reason for
>considering AI in security. That cold, hard voice ringing out "EXCUSE
ME!!
>EXCUSE ME!!! Are you sure you want to leave this configured like this?? "
>"Phew, No! Thanks Robby."
>The universe is bounded, unfortunately human stupidity is not.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
