> This is a bit of a simplification, but lets say that all an SI firewall
does is ensure that connections from source to destination
> are established correctly and in line with the rulebase you have defined,
and are revoked on inactivity. Lets say it also
> tracks sequence numbers
AFAIK, Check Point [regarded here as paradigm for some kind of stateful
stuff & inventor of that marketing buzzword... isn't it a trade mark?] does
_not_ even track sequence numbers...
Enno Rey
[EMAIL PROTECTED] --- www.security-academy.de
PGP 74C0 C7E1 3875 E4EB 9B75 8B9D 5E2D 3178 685B F222
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
