Brian Steele wrote:
>Let me try again - how about this quote from LAN Times' Aug 98 test on
>NT Firewalls: "Contrary to commonly held opinions, Windows NT is now
>(at last) a reasonably secure computing platform, and installing and
>configuring a firewall on NT is often more simple than on its Unix
>brethren. Unix firewalls, BECAUSE OF THE OS'S OPEN ARCHITECTURE AND
>LONG LEGACY OF SECURITY HOLES (my caps), are not really any more
>secure, either. "
>
>http://www.lantimes.com/testing/98compare/pcfirewa.html
Ah, LANTimes. The sooth-sayers of network security... ;)
Since we are quoting LANTimes, I found the following commentary from the
same issue interesting as well:
http://www.lantimes.com/testing/98aug/808b041a.html
"The endless parade of holes in Windows NT is the stuff of legend..."
http://www.lantimes.com/testing/98aug/808b037a.html
"For this comparison, we looked at NT-based systems, simply because that
seems to be the security platform foremost on your minds right now."
Humm. Somehow the above two comments appear to be related? ;)
So the choice of NT seems to be more PR driven rather than security
driven.
I found this quote pretty funny:
http://www.lantimes.com/98/98aug/808c054a.html
"If any security vendors out there have a firewall that runs fast on a
486 with 16MB of RAM, and costs under $2,500, give me a call. I promise
you a good review. "
I see, so the criteria for a good firewall is that it is cheap and runs
on old hardware. From LANTime's perspective, this is enough to warrant
"a good review".
Along the same thread:
http://www.lantimes.com/testing/98aug/808b043a.html
"It simply doesn't make sense to buy a state-of-the-art server to deploy
as an otherwise unuseable firewall. Firewalls, by their very definition,
should be expendable, and the philosophy behind their deployment has
traditionally been to make use of whatever spare PCs you have in
building one."
http://www.lantimes.com/98/98aug/808c054a.html
"The original idea behind the firewall has always been: Take what would
other-wise be a piece of junk from your LAN, put two NICs inside it,
place it between the LAN and the Internet, and install a lean-and-mean
firewall package on it. Voil�, instant security."
Are these people even working in the same century? So who out there
considers their firewall "expendable"? I think I have more clients
running a HA configuration than clients who could live without their
Internet connectivity while another "piece of junk" is rolled out.
I love the "instant security" commentary. Just add a little water.... ;)
I think the above quotes go a long way towards explaining this link:
http://www.lantimes.com/
"We are sorry to announce that CMP Media has ceased publication of
LANTimes and LANTimes Online as of October, 1998."
IMO everyone has their own spin on what makes a good firewall, myself
included. When it comes down to it however, a security analysis is the
proper yardstick to use in picking the correct firewall(s). Different
needs for different environments and all of that. The same goes for the
underlying operating system.
Cheers,
Chris
--
**************************************
[EMAIL PROTECTED]
* Multiprotocol Network Design & Troubleshooting
http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet
* Mastering Network Security
http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
