Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
From: ArkanoiD <ark () eltex net>
Date: Thu, 25 May 2006 17:08:24 +0400

nuqneH,

Actually Cisco ASA (don't have expirience with Juniper) is not a "single box".
Think it as PIX with IDS box with some kind of proprietary network interface
between them (actually it does even have MAC address ;-).

I don't like CISCO IDS though (and PIX itself is not much better, both
are functionally impaired) , 
but using products from the same vendor provides some management and 
reporting unification that may be considered major advantage.

On Wed, May 24, 2006 at 11:11:56AM -0500, Robert A Beken wrote:
I have a question for the group about this new trend of using a single 
firewall for all IDS and Firewall related tasks in an integrated box for 
enterprise organizations (not SOHO).  I personally think it's a bad idea 
and lacks flexibility in configuration and  "defense in depth" posture 
towards security.  What are other people's thoughts?

Thanks and Regards,


Robert Beken CISSP, GCFW
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault