Hi
I can't see any technical reason why not.
However, the Nokia device uses unix and because almost everyone hates MS to
some degree the applicance makers would be distrustful that MS would have
some hidden agenda.....(e.g. "....in the new version you MUST have SMS to
manage firewalls blah blah.... ;-)
I quite like Windows but always with a mistrust built up over the years.
Mind you - you could say the same about AIX, Solaris etc... - at the end of
the day there is no Utopia (believe me - I've looked !) - they're all out
to get ya.
I think the only way on these embedded devices is to use as "open" a Unix
as possible - say Linux or similar to protect against self-interest of OS
developer and also it's probably going to be the most compact OS - which is
important for these embedded systems.
Tim Higgins
Administrator
<[EMAIL PROTECTED]> To:
[EMAIL PROTECTED]
Sent by: cc:
[EMAIL PROTECTED] Subject: [FW1]
Windows NT Embedded -> FW1 (or any other firewall for
kpoint.com that matter )
16/06/00 14:07
�� I've been doing a little reading on Windows NT embedded. I was wondering
if any one knew of any work being done with firewall appliances, Windows NT
embedded and FW-1 (or any other firewall for that matter)?
�� It seems to me that FW-1 on WinNT Embedded would be more secure. Instead
of hardening a system, design the system without the offending services to
begin with. Only have the most basic NT services available to run TCPIP and
the FW (inspection) module. The GUI/Management station could be on another
machine and the two could talk via secured channel. The Management station
could also be used to manipulate TCPIP parameters, ARP and routing on the
appliance. The less programs on the appliance, the less possible
vulnerabilities to be concerned about and the less that can be used against
you.
�� Create a device that is more reliable than a standard PC; i.e. a
headless appliance that contains only CPU, PCI slots (for nics or crypto),
flash or solid state memory (M-Systems) and the appropriate controllers and
BIOS.
�� If you are a Linux or Unix supporter, these principles would also apply.
I'm just not sure if embedded versions of Linux or Unix exist.
�� Either way, I'd be interested in hearing what people think about this
concept.
#**********************************************************************
This message is intended solely for the use of the individual
or organisation to whom it is addressed. It may contain
privileged or confidential information. If you have received
this message in error, please notify the originator immediately.
If you are not the intended recipient, you should not use,
copy, alter, or disclose the contents of this message. All
information or opinions expressed in this message and/or
any attachments are those of the author and are not
necessarily those of Hughes Network Systems Limited,
including its European subsidiaries and affiliates. Hughes
Network Systems Limited, including its European
subsidiaries and affiliates accepts no responsibility for loss
or damage arising from its use, including damage from virus.
#**********************************************************************
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
