On 1/5/10 3:24 PM, Robert Brockway wrote:
On Tue, 5 Jan 2010, Dobbins, Roland wrote:
The problem is that your premise is wrong. Stateful firewalls
(hereafter just called firewalls) offer several advantages. This list
is not necessarily exhaustive.
Great advantages list, but where's the disadvantages list?
Here's mine:
1..n) Stateful firewalls go down. It's the very nature of what they
do. If you haven't had this problem, then your application is small.
Everyone needs to listen to Roland's mantra: "stateless ACLs in hardware
than can handle Mpps". It's more than just a hint.
