Why is a proxy firewall inherently more secure than a stateful inspection firewall. If this is true why is the trend towards stateful inspection among leading firewall vendors? I was under the impression that most shops were moving away from Gauntlet which it was my understanding was pretty much a favorite of the financial industry but not many others.
--- Bill Royds <[EMAIL PROTECTED]> wrote: > Gauntlet is a proxy firewall and FW-1 uses stateful > inspection so there are significant logical > differences between one and the other. Because of > this it probably not be a good idea to just convert > the rules. A proxy firewall is inherently more > secure than a stateful inspection one. So a single > rule on the Gauntlet may need several FW-1 rules in > a particular order to achieve the same effect. > Blowing the order can invalidate the effect of the > rules. > I would recommend reviewing your security policy > with a good FW-1 expert and re-creating the FW-1 > rule set from the beginning to ensure that it still > covers the same areas that your Gauntlet covered. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > Enrique Martin > Sent: Wed April 03 2002 05:04 > To: [EMAIL PROTECTED] > Subject: Migration from Gauntlet 5 to Firewall-1 > > > Hi all, > have do you do a migration of the policies from > Gauntlet to Firewall-1 > in diferents machines? > I think that it doesn�t be too much difficult, but I > would like to have > some advices from someone who has do it. Somebody > could help me? > > Thanks in advanced. > > ------ > Enrique > -- > > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls __________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
