nuqneH, Someone posted a question to firewallsat_private if x.25 firewalls do exist. The answers made me wonder: people started to say things like "yes, firewall X does support x.25, fddi, token ring, etc..". Such an answer gives me strong impression that they mean "product X can firewall IP on x.25, fddi, token ring.." which is completely different thing. A question is: what non-IP protocols can be (and should be) firewalled? I remember there was a DECnet firewall from DEC, i've also seen firewall-like "connection divert for secondary authentication" functionality on X.25 network (i know Citibank used that but it did not help them much in 1994 - not because it was no good but because of poor security design of the bank network itself).. A few other things like that.. Some people ask me if i can let ipx through firewalls i build - i answer no just because i can't filter and monitor it properly and thus it will break the security policy.. So i'd like to hear anything on related topics. Opinions on hardware, software, general design and implementation, etc.. --- _ _ _ _ _ _ _ Must be a visit from the dead.. _| o |_ | | _|| | / _||_| |_ |_ |_ CU in Hell .......... Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_|
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:57:46 PDT