RE: [MLUG - DISCUSSION] firewall appliance

Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "MLUG Off-Topic Discussion" <EMAIL:PROTECTED>
Subject: RE: [MLUG - DISCUSSION] firewall appliance
From: "Spurling, Shannon" <EMAIL:PROTECTED>
Date: Wed, 3 Sep 2003 08:46:52 -0500
List-archive: <http://mlug.missouri.edu/pipermail/discussion>
List-help: <mailto:EMAIL:PROTECTED>
List-id: MLUG Off-Topic Discussion <discussion.mlug.missouri.edu>
List-post: <mailto:EMAIL:PROTECTED>
List-subscribe: <http://mlug.missouri.edu/mailman/listinfo/discussion>,<mailto:EMAIL:PROTECTED>
List-unsubscribe: <http://mlug.missouri.edu/mailman/listinfo/discussion>,<mailto:EMAIL:PROTECTED>
Reply-to: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
Sender: EMAIL:PROTECTED
Thread-index: AcNyH5ZmQra/mBCJQ3u4u4f8u9qq6gAAQY7A
Thread-topic: [MLUG - DISCUSSION] firewall appliance

I am sure there are disadvantages to these little firewalls, but they
have their niche. Like Brent says, it's a matter of administration
costs. You can't do a lot of fancy things with them, but you don't have
to worry about any one else doing fancy things with them behind your
back. :-)
When you start talking about having a firewall device built on top of a
full blow operating system environment, you also have the chance of
having holes poked in your firewall by virtue of the complexity of the
software. If I have a small embedded device, like these little hardware
routers, chances are that even if a person were able to get a console
prompt, they would not be able to do much more than kill your
connection. With a software based router, they could break in and
install any number of interesting programs. This is another reason why
it's a bad idea to run any thing else on your firewall server. You are
increasing the number of vectors you can become compromised with. It's
amazing how hard it is to get people to see that.

The $250 box you are talking about is in a different class than those
small embedded firewalls. But it also has a different customer base. The
customer base probably would not buy your firewall, because it was too
cheap. It seams weird to you or me, but there are large segments of the
market out there that just don't trust something unless it costs more
than it should.

Shannon Spurling
WAN Engineer -Specialist

MOREnet, Network Services, Core Network
3212 LeMone Industrial Blvd.
Columbia, MO 65201

Main:(573) 884-7200   Fax:(573)884-6673

EMAIL:PROTECTED
EMAIL:PROTECTED

-----Original Message-----
From: Brent Deterding [mailto:EMAIL:PROTECTED] 
Sent: Wednesday, September 03, 2003 8:30 AM
To: 'MLUG Off-Topic Discussion'
Subject: RE: [MLUG - DISCUSSION] firewall appliance

True - fwbuilder comes to mind - but how many small businesses even run
linux somewhere to run it? How many have a flipping clue about security.

ALso - nowdays many of those $70 - $120 things are limited yes, but are
also
stateful. Not bad for $70 with an AV client and patches on the backend .
. .
. that's what I use for my mom. I don't want to, nor do I have the time,
to
support a "real" firewall across the country from me.

Look at my email addy - defense in depth :) Which is NOT wiring in
depth!

-- Brent

-----Original Message-----
From: EMAIL:PROTECTED
[mailto:EMAIL:PROTECTED]On Behalf Of Ognen
Duzlevski
Sent: Tuesday, September 02, 2003 6:21 PM
To: MLUG Off-Topic Discussion
Subject: RE: [MLUG - DISCUSSION] firewall appliance

Thanks. I was under the impression that the $70-120 devices are routers
with some limited firewalling capabilities, not real firewalls. BTW,
there
are a bunch of easy-to-use, web based firewall setup scripts under
linux...

Cheers,
Ognen

On Tue, 2 Sep 2003, Ross, Matthew wrote:

> Date: Tue, 2 Sep 2003 16:52:16 -0500
> From: "Ross, Matthew" <EMAIL:PROTECTED>
> Reply-To: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
> To: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
> Subject: RE: [MLUG - DISCUSSION] firewall appliance
>
> >From Shannon's email:
> "You can get a basic one for around $70, and if you
> want features like a print server or modem backup, it will run you
> around $120."
>
> Consider you're looking for one yourself. You can pay $250 to get a
device
using an OS you either don't know, or could do yourself, built by
someone
you don't know and who can't pay for the damages if it fails and lets
something terrible through.
> Or you can pay $70-120 and get a device using an OS that puts
configuration in nice, friendly web-like pages, will pay a reasonable
amount
if their device fails to protect you, and the manufacturer is known and
trusted by thousands of large companies, and millions of users.
>
> So in summary, no, there would not be a market for those as priced.
>
> > -----Original Message-----
> > From: Ognen Duzlevski [mailto:EMAIL:PROTECTED]
> > Sent: Tuesday, September 02, 2003 4:31 PM
> > To: MLUG Off-Topic Discussion
> > Subject: Re: [MLUG - DISCUSSION] firewall appliance
> >
> >
> > OK I asked for it ;). What I really meant was "how much are
> > you willing to
> > pay for one?". I am basically wondering what the market for
> > those things
> > is and think I can produce a decent linux based firewall from new
> > components and sell it for $250 or perhaps lower. My question
> > should have
> > been "based on your experience, would there be a market for
> > these as the
> > price above?".
> >
> > Cheers,
> > Ognen
> >
> > On Tue, 2 Sep 2003, John Engelbrecht wrote:
> >
> > > Date: Tue, 2 Sep 2003 16:25:39 -0500 (CDT)
> > > From: John Engelbrecht <EMAIL:PROTECTED>
> > > Reply-To: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
> > > To: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
> > > Subject: Re: [MLUG - DISCUSSION] firewall appliance
> > >
> > > http://www.tigerdirect.com
> > > http://www.walmart.com
> > > http://www.staples.com
> > > http://www.pricewatch.com
> > >
> > > On Tue, 2 Sep 2003, Ognen Duzlevski wrote:
> > >
> > > > Hi,
> > > > just curious, how much does a 5-port hardware firewall
> > appliance usually
> > > > cost? I don't mean an old pentium with a software
> > firewall but one of
> > > > them small hardware appliance boxes...
> > > >
> > > > Thanks,
> > > > Ognen
> > > > _______________________________________________
> > > > discussion mailing list
> > > > EMAIL:PROTECTED
> > > > http://mlug.missouri.edu/mailman/listinfo/discussion
> > > >
> > > _______________________________________________
> > > discussion mailing list
> > > EMAIL:PROTECTED
> > > http://mlug.missouri.edu/mailman/listinfo/discussion
> > >
> >
> > EMAIL:PROTECTED
> > SDF Public Access UNIX System - http://sdf.lonestar.org
> > _______________________________________________
> > discussion mailing list
> > EMAIL:PROTECTED
> > http://mlug.missouri.edu/mailman/listinfo/discussion
> >
>
> _______________________________________________
> discussion mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/discussion
>

EMAIL:PROTECTED
SDF Public Access UNIX System - http://sdf.lonestar.org
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion

_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion

_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion

Follow-Ups:
- Re: [MLUG - DISCUSSION] firewall appliance
  - From: Jason McIntosh <EMAIL:PROTECTED>

Prev by Date: Re: [MLUG - DISCUSSION] from prodigy to genius?
Next by Date: Re: [MLUG - DISCUSSION] from prodigy to genius?
Previous by thread: RE: [MLUG - DISCUSSION] firewall appliance
Next by thread: Re: [MLUG - DISCUSSION] firewall appliance
Index(es):
- Date
- Thread