lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <12091074.1091278090606.JavaMail.ericscher@mac.com>
From: ericscher at mac.com (Eric Scher)
Subject: Re: Appliance-based security gateway?

in-reply-to: <20040730233350.2858.80249.Mailman@...SYS.COM>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
references: <20040730233350.2858.80249.Mailman@...SYS.COM>
Return-Path: : ericscher@....com

......................................................................................................................................
......................................................................................................................................
......................................................................................................................................

====================================

A few colleagues and I started a discussion as to why 
one should or shouldn't buy an appliance-based firewall, 
ids/ips or other security appliance instead of installing 
software on a server. 

We thought about patching, performance, and other 
reason for each option but I'd like to hear what other 
people think.

I would really appreciate if you could share your 
thoughts with me.

Thanks in advance,

Bernardo Santos Wernesback

===================================


Ultimately, anything you place at the edge is going to be an appliance.
Maybe it'll be something by Cisco, perhaps a decommission desktop 
running IP Tables, or even one of those fancy new boxes that's supposed
to make life easy for inexperienced admins. It's still essentially an appliance.

But what to use?  That's really the essence of the question.

I saw a car show many years ago that was doing a segment waxing,
and the host asked his guest what he recommends. 
The guest replied; "Whatever you're actually going to use"
The best wax in the world wont protect your car if it sits on the shelf.
The worst wax WILL protect your car, if it's actualy ON the car.

So for those admins that feel comfortable with something that requires a lot of
interaction, and have the time for it, then one of the more user intensive and complex
choices would be better. 

If not, get something that will make your life easier, because a security solution only
secures you when it's being used.

......................................................................................................................................
......................................................................................................................................
......................................................................................................................................


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ