| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7089862C4AF302659B9ECFC4@utd49554.utdallas.edu> From: pauls at utdallas.edu (Paul Schmehl) Subject: Why should one buy (or not) an Appliance-based security gateway? --On Friday, July 30, 2004 02:55:04 PM -0300 Bernardo Santos Wernesback <bernardo@....com.br> wrote: > > A few colleagues and I started a discussion as to why one should or > shouldn't buy an appliance-based firewall, ids/ips or other security > appliance instead of installing software on a server. > > We thought about patching, performance, and other reason for each option > but I'd like to hear what other people think. > > I would really appreciate if you could share your thoughts with me. > 1) Most appliance-based devices do not allow access to the operating system from the application. In fact, they don't even allow access to the application, except for its configuration. 2) Most appliance-based devices have a kernel and OS that is specifically built (or the latest buzz word "purpose-built") for the service they provide, making them capable of running on lower speed processors and lower memory footprints than a general purpose OS (or conversely, capable of doing a great deal more with the same CPU speed and memory footprint.) Those are the two main benefits that I hear most often touted. I haven't done any research into those claims. Perhaps someone else has? Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ir/security/
Powered by blists - more mailing lists