Firewall Wizards mailing list archives
Re: Firewalls & multicast- what's the choice?
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Tue, 01 Aug 2006 10:16:00 -0400
Bob Arthurs wrote:
my company is going to build three new data centers and we are considering The firewalls need to be able to forward quite high volumes of mulitcast and interact with **PIM router** (cisco router). Traffic volumes are at least 10s of Mbps (including unicast traffic), maybe 100s, maybe 1Gbps!
Other than that it be a "firewall" do you have anything in mind vis-a-vis
the security properties you expect from the device? Do you want URL
filtering? Attack signature-checking and blocking? Shared state failover?
Layer 7 protocol verification?
For what it's worth, there are plenty of firewalls that "handle" multicast
by simply letting it zip through. I don't know of any that do anything
especially useful above { source, dest, s_port, d_port } screening.
So if you're looking for that, you may as well just use a router. Maybe
put a big sticker on it that reads "FIREWALL" so your management
will be happy with it. ;)
mjr.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Firewalls & multicast- what's the choice? Bob Arthurs (Aug 01)
- Re: Firewalls & multicast- what's the choice Pete Capelli (Aug 01)
- Re: Firewalls & multicast- what's the choice? Carson Gaspar (Aug 02)
- Re: Firewalls & multicast- what's the choice? Dale W. Carder (Aug 02)
- Re: Firewalls & multicast- what's the choice? Marcus J. Ranum (Aug 02)
- Re: Firewalls & multicast- what's the choice? Gumennik, Mark (Aug 09)
- Message not available
- Re: Firewalls & multicast- what's the choice? Jim MacLeod (Aug 03)
- Message not available
- Re: Firewalls & multicast- what's the choice? Pete Capelli (Aug 03)
- <Possible follow-ups>
- Re: Firewalls & multicast- what's the choice? Horvath, Kevin M. (Aug 01)