Firewall Wizards mailing list archives
Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name
From: Ryan Russell <ryan () securityfocus com>
Date: Mon, 12 Aug 2002 17:09:01 -0600 (MDT)
So, if I may summarize your question: "Don't buzzwords suck, and isn't this a firewall"? To which I respond: define firewall.
From what I understand about Barnyard (and that I assume others do as well) is that it will "normalize" packets to some degree, use IDS-style rules, and add blocking. One could easily argue that firewalls should have been able to do the packet normalization and much more granular rules for years. I'm aware of very few that do.
Most people can only point to a box of parts or manuals and CDs, and call that a "firewall". Based on what those do, and what Barnyard does, they are not quite the same beast. If you want to use the broad, conceptual definition of "firewall", then they are firewalls. Network switches are nothing but bridges, but the two different words serve to inform the consumer that each product does something a little different.
I think a more interesting question is: if GIDS is the new "firewall", then why did firewalls running on top end PCs max at 100mbps or so with just a few dozen rules and terribly simple filtering capabilities... while a GIDS with much more interesting filtering capabilities and a few thousand rules can also do the same? Did PCs just get that much faster? (I think part of the answer has to do with the fact that IDS' are much less concerned with various groups of IP addresses, like inside, outside, DMZ, web_servers, etc...)
Ryan
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- GIDS, Intrusion Prevention: A Firewall by Any Other Name Crispin Cowan (Aug 12)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Paul D. Robertson (Aug 12)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Ryan Russell (Aug 12)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Frank Knobbe (Aug 12)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Ryan Russell (Aug 12)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Barney Wolff (Aug 12)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Crispin Cowan (Aug 13)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name B. Scott Harroff (Aug 13)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Frank Knobbe (Aug 12)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Marcus J. Ranum (Aug 12)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Crispin Cowan (Aug 13)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Iván Arce (Aug 13)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Marcus J. Ranum (Aug 14)
- Re: GIDS, Intrusion Prevention: A Firewall by Any Other Name Mikael Olsson (Aug 14)