|
Posted by Leythos on August 3, 2004, 9:59 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> I was wondering if somebody could clarify the difference between a cheap
> retail firewall, like a D-Link you might get at Staples, with professional
> grade firewalls from Symantec or Watchguard.
You need to separate the idea that a router with NAT is a firewall from
what a real firewall is/does. Routers with NAT provide a blocking
service based on the NAT function, nothing else.
Firewalls may or may not use NAT and provide filtering of traffic based
on traffic type (not always a port number) and do it in both directions.
There is a huge difference between a router with NAT and a firewall of
any type.
> If there is no serving going
> on behind the firewall, (ie, no virtual server passthrough), is there
> really a difference in security? Doesn't this eliminate the need for
> SPI? Are $600 firewalls harder to defeat than $40 firewalls? Is it just
> the bells and whistles of logging and alerts?
Yes, in one case, there was as sorority that had a NAT system installed,
there were 6 machines that were infected with a virus that had it's own
SMTP server. The infected machines were sending out infected emails
directly form their systems, bypassing the internal SMTP server. Had a
real-firewall been installed (or properly configured high-end router)
SMTP would not have been permitted from the local devices (except the
SMTP server) to the internet, or it would have only been permitted from
the workstations to the ISP's SMTP server for outbound messages. A
generic router would not have prevented this problem from reaching the
world.
$600 firewalls, or any firewall that is a real firewall, is harder to
defeat when properly configured than ANY router with NAT and SPI or any
router with just NAT.
If you've been reading these groups for a couple weeks you would already
know this :-)
--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
| 
XML site map