At 04:17 PM 3/2/99 +0000, Bennett Todd wrote:
>1999-03-02-02:29:51 [EMAIL PROTECTED]:
>> - How does the "Cisco Firewall Feature Set" compare with Firewall-1 for
>> features, security & performance.
>
> AFAIK, Cisco Firewall Feature Set is basically a
>moderately-enhanced setup for doing basic packet filtering, a capability that
>has been available in plain old IOS for some time.
Hi Bennett,
You are incorrect. The IOS Firewall Feature Set maintains state of
TCP and UDP flows with the usual parameters. It has session support
so that it can recognize applications that may open multiple channels
such as FTP, SQL*net and H.323 and it will associate the secondary
channels with the primary. It also has some application support and
can recognize appropriate and inappropriate commands in applications
such as SMTP and FTP and can recognize and block Java from HTTP.
I won't comment on the original question as I am biased.
Chris Lonvick
Cisco Systems
Consulting Engineering - Office of the CTO
+1.512.378.1182
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
