| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: ericscher at mac.com (Eric Scher) Subject: Re: Appliance-based security gateway? in-reply-to: <20040730233350.2858.80249.Mailman@...SYS.COM> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit references: <20040730233350.2858.80249.Mailman@...SYS.COM> Return-Path: : ericscher@....com ...................................................................................................................................... ...................................................................................................................................... ...................................................................................................................................... ==================================== A few colleagues and I started a discussion as to why one should or shouldn't buy an appliance-based firewall, ids/ips or other security appliance instead of installing software on a server. We thought about patching, performance, and other reason for each option but I'd like to hear what other people think. I would really appreciate if you could share your thoughts with me. Thanks in advance, Bernardo Santos Wernesback =================================== Ultimately, anything you place at the edge is going to be an appliance. Maybe it'll be something by Cisco, perhaps a decommission desktop running IP Tables, or even one of those fancy new boxes that's supposed to make life easy for inexperienced admins. It's still essentially an appliance. But what to use? That's really the essence of the question. I saw a car show many years ago that was doing a segment waxing, and the host asked his guest what he recommends. The guest replied; "Whatever you're actually going to use" The best wax in the world wont protect your car if it sits on the shelf. The worst wax WILL protect your car, if it's actualy ON the car. So for those admins that feel comfortable with something that requires a lot of interaction, and have the time for it, then one of the more user intensive and complex choices would be better. If not, get something that will make your life easier, because a security solution only secures you when it's being used. ...................................................................................................................................... ...................................................................................................................................... ......................................................................................................................................
Powered by blists - more mailing lists