Long time listener, first time poster...
Some of the managers at my company are pushing to get rid of our firewall in exchange for IPS devices. They've heard that IPS sensors can be used to block traffic, so they've got it in their heads that we don't need a firewall anymore. I'm wondering if anyone on this list can give me a few salient points that can be used to rebuke this “strategy”.
The one point that springs to mind immediately is that a firewall is (hopefully) a default deny device while an IPS is a default allow device. Putting aside that IPS and firewalls operate at different layers and so block based on different parameters, a default deny device is more likely to block 0 day attacks. Do you all agree with this statement and do you have any others that typical management can understand?
Thanks for your help,
Phil A.
~*e,ڭ&j)b b~*e,ڭ!z+�ihrƥi�oj)fjb?~*e,
Received on Feb 02 2006
