|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: using raptor as a choke router
Shivdasani, Meenoo (Meenoo_Shivdasani
NAI.com)
Thu, 25 Feb 1999 08:27:59 -0800
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: cschuttgwinning-strategies.com: "re: Firewall Comparison"
- Previous message: Witte, Gregory A: "X.400 application proxy"
> server is it wise to use something like Raptor to both act as
> the internal
> choke router and proxy? and if it aint .. like the books
> say, why the hell
> do they sell such stuff which can do both? I mean, if it is
> a bad thing to
> combine both then why should I buy something which I wont
> fully use ? I am
> confuzzed !
It depends on the needs of your specific organization.
Application proxies do provide better security, but your trade-off is that
you lose performance. And in some cases, an application proxy may not be
able to transfer the traffic that you need to transfer. Enter the packet
filtering option.
Packet filters do have their uses -- on at least one product that I'm
familiar with, you can use the packet filter to remove or create
transparency on firewall interfaces, pass protocols for which there aren't
proxies (GRE for example), and block unwanted packets from ever reaching
your firewall (like the network that I have blocked because of the
irritating traffic that they keep sending my direction).
YMMV,
M
- Next message: cschuttgwinning-strategies.com: "re: Firewall Comparison"
- Previous message: Witte, Gregory A: "X.400 application proxy"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:18:09 CDT