I don't need no stinking firewall!

• Previous message (by thread): I don't need no stinking firewall!
• Next message (by thread): I don't need no stinking firewall!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/5/10 3:24 PM, Robert Brockway wrote:
> On Tue, 5 Jan 2010, Dobbins, Roland wrote:
>
> The problem is that your premise is wrong.  Stateful firewalls 
> (hereafter just called firewalls) offer several advantages.  This list 
> is not necessarily exhaustive.
>
Great advantages list, but where's the disadvantages list?

Here's mine:

1..n) Stateful firewalls go down.  It's the very nature of what they 
do.  If you haven't had this problem, then your application is small.

Everyone needs to listen to Roland's mantra: "stateless ACLs in hardware 
than can handle Mpps".  It's more than just a hint.

• Previous message (by thread): I don't need no stinking firewall!
• Next message (by thread): I don't need no stinking firewall!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]