Firewall Wizards mailing list archives
Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
From: George Capehart <capegeo () opengroup org>
Date: Thu, 25 May 2006 19:44:09 -0400
Robert A Beken wrote:
I have a question for the group about this new trend of using a single firewall for all IDS and Firewall related tasks in an integrated box for enterprise organizations (not SOHO). I personally think it's a bad idea and lacks flexibility in configuration and "defense in depth" posture towards security. What are other people's thoughts?
IMHO, single points of failure are /*NEVER*/ appropriate. In the part of the world from which I come, we even use firewalls from two different vendors on the internet-facing side and the internal-facing sides of a DMZ. On my home network I run two different firewalls, have two different AV packages on each machine, HIDS and firewalls on each machine, two different anti-adware and two different anti-spyware packages on each of the Windoze boxes. No single vendor can ever cover all the bases of any one "anti-", much less do it all . . . The idea of using "an integrated solution" runs counter to everything we've been doing in the "defense in depth" space . . . FWIW. /g _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Robert A Beken (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Shashi Shekhar (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) R. Rocky (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Johann_van_Duyn (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sushil menon (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Paul D. Robertson (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) ArkanoiD (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sushil menon (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Shashi Shekhar (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Dave Piscitello (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) ArkanoiD (May 25)
- Message not available
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) George Capehart (May 25)
- Message not available
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Frank Pawlak (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Jim Seymour (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Frank Pawlak (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Carson Gaspar (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sushil menon (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sushil menon (May 27)