On Mon, 18 Mar 2002, Paul Greene wrote:
>
> Actually I think *you* might be missing the point.
>
> There is no 100% "hardware" firewall. Every firewall has an operating
> system ("software") on it so that it can do it's firewall thing.
True, but there are some advantages to the current generation hardware
boxes. No boot disk, no writable disk space, not derived from a general
purpose OS so smaller amount of code to review for security, etc.
> (And as
> mentioned already, that "software" is often a stripped down, hardened BSD
> OS.)
True a few years ago. Current generation hardware firewalls now run
special purpose OS's without any derivation from past operating systems.
In the days when Gauntlet and kin were king the firewall boxes ran BSD/OS
for the most part. Now folks run Cisco PIX (IOS derivative), SonicWall
(proprietary), NetScreen (proprietary), etc., no BSD in sight.
- rick
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
