On Monday, 2001/12/24 at 13:04 EST, "Li, John" <[EMAIL PROTECTED]> wrote: > Is there a list of personal firewalls which can support centralized > configuration and logging?
I don't know if there are any firewalls that claim any special capabilities for centralized config, but if there are I would look very carefully into the mechanism they use for doing the config. Potentially this feature could be a pretty big exposure of the firewall (and thus your "protected" network). Clearly such a feature, presumably being employed over the open Internet, would need strong authentication and strong encryption of the config and log data. I rather favor a different approach - don't prescribe the specific firewall to be used but require that whatever is used must provide some specified level of protection. And how would that be done? When the remote network tries to connect to your main net (probably via a vpn) have your authentication system do a vulnerability scan of the remote net. If it doesn't pass the test, it doesn't get authenticated. Tony Rall _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
