Re: [fw-wiz] Proverbial appliance vs software based firewall

Previous message: Steve Bellovin: "[fw-wiz] Input requested for second edition of &quot;Firewalls and Internet Security&quot;"
In reply to: Dominic Malig: "[fw-wiz] Proverbial appliance vs software based firewall"
Next in thread: Anton Aylward: "Re: [fw-wiz] Proverbial appliance &quot;Its software, Jim!&quot;"
Next in thread: Mikael Olsson: "Re: [fw-wiz] Proverbial appliance vs software based firewall"
Reply: Anton Aylward: "Re: [fw-wiz] Proverbial appliance &quot;Its software, Jim!&quot;"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

mjrat_private

Dominic Malig wrote:
>any updates on the
>proverbial firewall appliance vs software firewall
>'which is better' discussion(aside from the usuals re
>hardened OS, cost, etc.)  

It amazes me that the topic comes up at all!!! :)

Inside every "appliance" is an operating system. Inside
every ASIC or "embedded processor" is software. There's
really no difference other than the packaging. I like
the "appliance" approach because it lets the vendor
guarantee a compatible and well-balanced hardware/software
solution. But it amazes me when someone says "well, it's
an appliance so it must be more secure/reliable/faster"
uh. no.

mjr.
---
Marcus J. Ranum				http://www.ranum.com
Computer and Communications Security	mjrat_private

_______________________________________________
firewall-wizards mailing list
firewall-wizardsat_private
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards