On Wednesday, February 08, 2006 1:27 AM, Darren Reed so wrote:
>> On Tuesday, February 07, 2006 12:50 PM, Dave Piscitello so spake:
>>
>> >An interesting exercise for this list - possibly a new thread? - is
>> >"what security policies are best enforced by implementing
"on-the-fly
>> >analysis" versus "what security policies are best enforced by proxy
>> >rewrites".
>
>How is one different to the other ?
>
>How is a proxy not doing something "on the fly" ?
My sometimes jaded view is that the proxy rewrites the traffic to
conform to whatever the proxy writer wrote. Hopefully, that matches up
with some standard protocol to _provide_ the security. I.E. You get the
security from the proxy writer having rewritten your traffic. It's doing
*something,* true, but it's not "checking" anything. It's just not
re-writing any *bad* stuff.
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Feb 08 2006
Intro
