There are several different "firewall" technologies that work
at different layers in the protocol stack. One of these is
"packet filtering" and router ACLs are just one particular
implementation of this general technique. They are, in the
real world, an important implementation because there are
usually more routers than there are firewalls in a network
and using this allows more conotrol points to be used and also
allow for more depth to your defences.
In the network I control at my place of work we're replacing
Cisco routers by PCs running FreeBSD and IPFilter so that we
can have better controls at more levels in the protocol stack
than is provided by simple ACLs.
--
David Pick
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Jan 03 2004
Intro
