Current Firewall technology is its Fourth generation and includes such features as

Antivirus: marketing crap! IMHO, not a firewall's job, but clamd with some add-in for your SMTP server will take care of this. (I run qmail with qmail-scanner and clamav.)

Anti-Spyware: uhhh yeah, right, not the firewall's job.

Content Filtering: well, if you want to run a slow proxy server instead of a packet-filtering firewall, sure. squid + DansGuardian if you really want to.

Intrusion Prevention: kinda/sorta could be part of a firewall, but you can run snort on the same server as the firewall and get the same benefits.

Jason

On Mon, Jul 10, 2006 at 05:44:41PM -0400, Lee Fickenscher wrote:
> I just received an "audit" report that I'm supposed to discuss at a
> meeting tomorrow. Part of that report covers my firewall. The current
> firewall is OpenBSD 3.5 (yes, a bit out of date). My question regards
> the wording of the report. It talks about "generations" of firewalls
> (first gen, second gen...) I've never heard of the term generations
> used to discuss firewalls. Has anyone heard of this term used with
> firewalls?
>
> While the auditor might have been generally competent, and certainly
> was more knowledgeable about Windows than I am, I don't feel that he
> is really up on security. He recommends replacing my box with a
> Sonicwall unit, which, if I understand correctly, is just a dedicated
> Linux box. I don't see how that gains me much more than a pretty
> interface. His company is most likely a Sonicwall reseller, but I
> don't think he is even aware what the Sonicwall runs under the covers.
>
> Pertinent text follows verbatim:
>
> "Your current Firewall is a PC running a version of OpenBSD (Unix).
> This solution is a Firewall but it has only the most basic Firewall
> capabilities of NAT and port blocking. This type of Firewall was
> current technology found several years ago in first generation
> Firewalls. Current Firewall technology is its Fourth generation and
> includes such features as Antivirus, Anti-Spyware, Content Filtering,
> and Intrusion Prevention. The idea is that the more stuff you block
> at the perimeter the better your whole network will perform. The
> Sonicwall solution we are proposing also has the ability to do both
> software and hardware VPN if at a future date you wish to implement
> secure Internet connections from remote sites."
>
> Any input is appreciated (preferably constructive) particularly from
> any of the security experts out there.
>
> Thanks,
> Lee
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/

--
================================================
| Jason Welsh   [EMAIL PROTECTED]              |
| http://monsterjam.org    DSS PGP: 0x5E30CC98 |
| gpg key: http://monsterjam.org/gpg/          |
================================================
