[<prev] [next>] [day] [month] [year] [list]
Message-ID: <12091074.1091278090606.JavaMail.ericscher@mac.com>
From: ericscher at mac.com (Eric Scher)
Subject: Re: Appliance-based security gateway?
in-reply-to: <20040730233350.2858.80249.Mailman@...SYS.COM>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
references: <20040730233350.2858.80249.Mailman@...SYS.COM>
Return-Path: : ericscher@....com
......................................................................................................................................
......................................................................................................................................
......................................................................................................................................
====================================
A few colleagues and I started a discussion as to why
one should or shouldn't buy an appliance-based firewall,
ids/ips or other security appliance instead of installing
software on a server.
We thought about patching, performance, and other
reason for each option but I'd like to hear what other
people think.
I would really appreciate if you could share your
thoughts with me.
Thanks in advance,
Bernardo Santos Wernesback
===================================
Ultimately, anything you place at the edge is going to be an appliance.
Maybe it'll be something by Cisco, perhaps a decommission desktop
running IP Tables, or even one of those fancy new boxes that's supposed
to make life easy for inexperienced admins. It's still essentially an appliance.
But what to use? That's really the essence of the question.
I saw a car show many years ago that was doing a segment waxing,
and the host asked his guest what he recommends.
The guest replied; "Whatever you're actually going to use"
The best wax in the world wont protect your car if it sits on the shelf.
The worst wax WILL protect your car, if it's actualy ON the car.
So for those admins that feel comfortable with something that requires a lot of
interaction, and have the time for it, then one of the more user intensive and complex
choices would be better.
If not, get something that will make your life easier, because a security solution only
secures you when it's being used.
......................................................................................................................................
......................................................................................................................................
......................................................................................................................................
Powered by blists - more mailing lists