Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: IPS vs. Firewalls
From: Gabriele Buratti <gabriele.buratti () netasq com>
Date: Fri, 03 Feb 2006 14:29:14 +0100

ArkanoiD wrote:
(I'd even say that anyone who seriously claim that IPS can replace firewall
is stupid moron with lack of understanding even security basics, and if
those people are allowed to make technical decisions your company has damn
big management problems)

I agree, but something must be added.
A pure IPS can't replace a firewall if it's doing just application protocol analisys/control. You still need policies. A IPS-firewall (stateful inspection + policy + layer7 inspection) can replace and sometimes do better than a firewall (stateful inspection + policy)


Attachment: gabriele.buratti.vcf

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]