If the NT-based firewall uses the existing IP stack and bindings provided by
MS, then the security issues surrounding the MS's IP stack can definitely be
an area for concern. If the implementation of the NT-based firewall removes
MS's implementation and replaces it, then the area of concern should no
longer exist. At least not with MS.
With regards to C2:
I'm aware C2 isn't the highest rating available for an op/sys, but C2 is the
highest rating for a "general" operating system. Other o/s's that have
achieved a higher rating, such as XTS-300, Trusted XENIX, SEVMS VAX, etc
are not (IMHO) "general" operating systems...
Best Regards, Donald Kelloway
http://www.commodon.com
-----Original Message-----
From: Randall, Mark <[EMAIL PROTECTED]>
To: 'Don Kelloway' <[EMAIL PROTECTED]>
Cc: '[EMAIL PROTECTED]' <[EMAIL PROTECTED]>
Date: Thursday, June 03, 1999 10:35 AM
Subject: RE: Why not NT?
>Everything I've seen regarding C2 compliance under NT says that C2 can only
>be achieved when there are no NIC's installed in the machine. Once a NIC
>gets installed, C2 goes out the window. That's a great feature for a
>firewall, eh? ;-)
>
>C2 isn't the highest rating, BTW. It's identified as the "minimum
>acceptable" security level.
>
>
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
