Actually I think *you* might be missing the point.
There is no 100% "hardware" firewall. Every firewall has an operating
system ("software") on it so that it can do it's firewall thing. (And as
mentioned already, that "software" is often a stripped down, hardened BSD
OS.)
And no firewall worth being called a firewall is running anything other
than firewalling software on it.
Paul Greene
On Mon, 18 Mar 2002, Patrick Beart wrote:
> At 1:25 AM -0500 3/17/02, Anthony E. Greene wrote:
> >
> >On Sat, 16 Mar 2002, Patrick Beart wrote:
> > > I'm new to the whole "security" thing, but I've learned that
> >>a hardware appliance is better than software, if only for the fact that
> >>someone is technically already IN the machine when they hit the firewall
> >>software. With a hardware appliance there's a physical barrier ahead of
> > >your machines.
> >>
> >
> >I hope it wouldn't hurt your feelings to know that a lot of these hardware
> >devices are BSD boxes with a stripped-down OS.
>
>
> Apparently, my point was missed entirely, here.
>
> Having a PHYSICAL device sitting AHEAD of your server(s) is,
> IMO, far superior to having the "software" sitting in that same
> server box(-es). I really don't care what particular OS or coding is
> used for the Firewall HARDWARE appliance. I only care that it's
> running IPSec and isn't running on my server(s).
> I want the big electronic "bouncer" sitting OUTSIDE my
> virtual house, not in the foyer.
>
>
> Patrick Beart
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
