Now a VPN firewall failing closed is an interesting idea. What if you had a
VPN firewall which identified bandwidth used over time per client
connection, and if it exceeded some maximum value, cranked down the
allocated bandwidth? Can think of multiple internal points this would be
useful in, in hindsight after the worm incidents of the last few weeks. I
think LightSpeed System's Total Traffic Control can do this, and could
probably be done with snort and some other tools, but would be interesting
to do this with more mainstream devices.
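As an added illustration of the adaptive per-client throttle proposed in the message above (example code written for this page, not from the list or from any product it names): each VPN client's bytes are accounted over a sliding window, an allocation is halved whenever the window exceeds a budget, and it is restored step by step once the client is well under budget again. The window length, byte budget, rates and client addresses are all constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10               # sliding window for per-client byte accounting (assumed)
MAX_BYTES_PER_WINDOW = 5_000_000  # constructed budget: 5 MB per window per client
FULL_RATE_KBPS = 1000             # assumed default allocation per VPN client
MIN_RATE_KBPS = 64                # floor so a throttled client keeps a usable trickle

class ClientThrottle:
    """Tracks bytes per client over a sliding window and adapts each client's allocation."""

    def __init__(self):
        self.samples = defaultdict(deque)              # client -> (timestamp, bytes) samples
        self.window_bytes = defaultdict(int)           # client -> bytes inside the window
        self.rate = defaultdict(lambda: FULL_RATE_KBPS)
        self.throttled = set()                         # clients that hit the budget (alert on these)

    def observe(self, client, ts, nbytes):
        """Record one traffic sample; return the client's allocation (kbps) after it."""
        q = self.samples[client]
        q.append((ts, nbytes))
        self.window_bytes[client] += nbytes
        while q and q[0][0] <= ts - WINDOW_SECONDS:    # drop samples that fell out of the window
            _, old = q.popleft()
            self.window_bytes[client] -= old
        used = self.window_bytes[client]
        if used > MAX_BYTES_PER_WINDOW:
            # over budget: crank the allocation down by half, never below the floor
            self.rate[client] = max(MIN_RATE_KBPS, self.rate[client] // 2)
            self.throttled.add(client)
        elif used < MAX_BYTES_PER_WINDOW // 2 and self.rate[client] < FULL_RATE_KBPS:
            # well under budget again: restore gradually rather than all at once
            self.rate[client] = min(FULL_RATE_KBPS, self.rate[client] * 2)
        return self.rate[client]

def replay(samples):
    """Feed (client, timestamp, bytes) samples in time order; return final rates and flagged clients."""
    t = ClientThrottle()
    for client, ts, nbytes in sorted(samples, key=lambda s: s[1]):
        t.observe(client, ts, nbytes)
    return dict(t.rate), sorted(t.throttled)

# Constructed traffic: a normal file-share user and a worm-style flooder behind the VPN.
SAMPLES = [("10.8.0.2", ts, 100_000) for ts in range(20)]        # about 1 MB per window
SAMPLES += [("10.8.0.7", ts, 1_000_000) for ts in range(10)]     # 10 MB in 10 s: the flooder
SAMPLES += [("10.8.0.7", ts, 10_000) for ts in range(10, 40)]    # flood stops, light use resumes

if __name__ == "__main__":
    print(replay(SAMPLES))
```

The flooder is cut to the floor within a few seconds of crossing the budget and is listed in the flagged set, while the quiet client never loses allocation; once the flood ends the flooder's rate climbs back, so a persistent alert, not the rate alone, is what an operator should act on.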
--------------------------
Subject: Re: Re: [fw-wiz] Use of firewalls in networks of today (Was: Re:
Setting up H323 IP telephony etc )
From: "Victoria of Borg" <vicofborg_at_myrealbox.com>
To: firewall-wizards_at_honor.icsalabs.com
Date: Tue, 02 Sep 2003 20:55:12 -0500
[snip]
> Exactly. And as we've all said before, a firewall is only so
> good. Take these worms that propagate over tcp/135. Any firewall worth
> its price blocks that one. Unless it is an internal firewall on a VPN/RAS
> network and the users need to get at their drives, of course. Then it's
> like so much tissue. Actually, in our case it was more like a fuse than
> anything; the ping-flood melted the firewall so bad it failed closed.
[snip]
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Sep 05 2003