Firewall Wizards mailing list archives

Re: Comparisons between Router ACLs and Firewalls

From: David Pick <d.m.pick () qmul ac uk>
Date: Thu, 01 Jan 2004 23:16:48 +0000


There are several different "firewall" technologies that work
at different layers in the protocol stack. One of these is
"packet filtering" and router ACLs are just one particular
implementation of this general technique. They are, in the
real world, an important implementation because there are
usually more routers than there are firewalls in a network
and using this allows more conotrol points to be used and also
allow for more depth to your defences.

In the network I control at my place of work we're replacing
Cisco routers by PCs running FreeBSD and IPFilter so that we
can have better controls at more levels in the protocol stack
than is provided by simple ACLs.

-- 
        David Pick

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Comparisons between Router ACLs and Firewalls sd2mcleo (Jan 01)
- Re: Comparisons between Router ACLs and Firewalls David Pick (Jan 03)
  - RE: Comparisons between Router ACLs and Firewalls Bill James (Jan 03)
    - RE: Comparisons between Router ACLs and Firewalls Marcus J. Ranum (Jan 03)
    - RE: Comparisons between Router ACLs and Firewalls Bill James (Jan 03)
    - Message not available
    - RE: Comparisons between Router ACLs and Firewalls Marcus J. Ranum (Jan 03)
    - RE: Comparisons between Router ACLs and Firewalls Bill James (Jan 03)
    - RE: Comparisons between Router ACLs and Firewalls Paul Robertson (Jan 03)
    - RE: Comparisons between Router ACLs and Firewalls Wes Noonan (Jan 03)
    - RE: Comparisons between Router ACLs and Firewalls Paul Robertson (Jan 03)
    - RE: Comparisons between Router ACLs and Firewalls Wes Noonan (Jan 03)
    - RE: Comparisons between Router ACLs and Firewalls Bill James (Jan 03)

(Thread continues...)