Firewall Wizards mailing list archives

Re: Important Comments re: INtrusion Detection

From: mcnabb () argus-systems com (Paul McNabb)
Date: Tue, 17 Feb 1998 10:37:32 -0600

 Date: Mon, 16 Feb 1998 19:50:08 -0500 (EST)
 From: "Paul D. Robertson" <proberts () clark net>
 
 On Sun, 15 Feb 1998, Aleph One wrote:
 
 > Nonetheless, I'd like to see OS and firewalls vendors integrate these
 > features into their products (particularly capabilities and MACs). Secure
 > Computing is to be commended for using some of this (or similar)
 > technology on their Sidewinder firewall. Harris as well for the
 > CyberGuard firewall running in a B1 operating system. HP also has a secure
 > web server product running under a secure version of HP-UX. To bad that
 
 It got spun off as Cyberguard Corp. and I *think* they dropped the B1 OS
 recently and switched to BSDI.
 
 BDM is currently also doing Cybershield with the "under evaluation" DG/UX
 B2 product.  
 
 > that version is compleatly different from CMW HP-UX which is developed by
 > a different team. A waste of efforts if you ask me. Of curse these
 > products vary a lot on how well integrated they are and how much use
 > they make of the features of the underlaying secure OS but it is a trend
 > I'd like so see on the rise.


There have been several versions of firewalls run on the Argus B1 Solaris
2.5.1 system, such as Checkpoint, on both SPARC and x86 platforms.  This
point has been covered before on this list, but the value of a trusted OS
(e.g., B1) sitting under (or over) a firewall depends on the way the
firewall is built and administered.  There are many companies out there
that have mandated that all firewalls at their site be run on a trusted
OS with a minimum of B1.  The number of such companies is increasing,
but I suspect that it will always remain a minority of the market.
B1+FW is an attractive product for many environments, particularly sites
with a lot at risk, but it isn't for everyone.

paul

---------------------------------------------------------
Paul McNabb                     Argus Systems Group, Inc.
Vice President and CTO          1809 Woodfield Drive
mcnabb () argus-systems com        Savoy, IL 61874 USA
TEL 217-355-6308
FAX 217-355-1433                "Securing the Future"
---------------------------------------------------------

Current thread:

Re: Important Comments re: INtrusion Detection, (continued)
- - - Re: Important Comments re: INtrusion Detection Steven M. Bellovin (Feb 16)
    - Re: Important Comments re: INtrusion Detection tqbf (Feb 16)
    - Re: Important Comments re: INtrusion Detection Aleph One (Feb 16)
    - Re: Important Comments re: INtrusion Detection Darren Reed (Feb 16)
    - Re: Important Comments re: INtrusion Detection Steven M. Bellovin (Feb 16)
    - Re: Important Comments re: INtrusion Detection Aleph One (Feb 16)
    - Re: Important Comments re: INtrusion Detection Paul D. Robertson (Feb 16)
- Re: Important Comments re: INtrusion Detection Vern Paxson (Feb 15)
- Re: Important Comments re: INtrusion Detection tqbf (Feb 16)
- Re: Important Comments re: INtrusion Detection Paul McNabb (Feb 18)
- Re: Important Comments re: INtrusion Detection Paul McNabb (Feb 18)
- Re: Important Comments re: INtrusion Detection Paul McNabb (Feb 18)
- Re: Important Comments re: INtrusion Detection Steven M. Bellovin (Feb 18)
- Re: Important Comments re: INtrusion Detection Kurt Ziegler (Feb 18)
  - Re: Important Comments re: INtrusion Detection Adam Shostack (Feb 18)
  - Re: Important Comments re: INtrusion Detection tqbf (Feb 18)
    - Re: Important Comments re: INtrusion Detection Paul M. Cardon (Feb 19)
  - Re: Important Comments re: INtrusion Detection Jonathan Care (Feb 19)
- Re: Important Comments re: INtrusion Detection Michael T. Stolarchuk (Feb 19)
- RE: Important Comments re: INtrusion Detection Kurt Ziegler (Feb 19)
- Re: Important Comments re: INtrusion Detection tqbf (Feb 19)

(Thread continues...)