[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] why not a bridge?
First, I had tonnes of people let me know that lucents fw always works(or can work?) as a bridge. Second, I don't imagine it would be too hard to write bridging software that actually does inspect the TCP/IP stack. I mean if you take a closer look at how checkpoint says they examine packets, they do it already. Checkpoint software itself does not route packets. I wonder... If I installed bridging software on my linux box, would checkpoint still work? I think I might try that... anyone think of a reason why it wouldn't work? anyone think of a reason why I wouldn't want to do this? What do you think? --Paul On Fri, 26 Jan 2001, Dean Cunningham wrote: > Soem thoughts.... have never seen the sun firewall.... a bridge in its > purest sense,works at the ethernet address level, just a glorified repeater > with some knowledge as to what segment a MAC address is on. > > This makes the segements and the bridge vulnerable to broadcast storms for > one thing. This reduces usable bandwidth. One would also assume DOS > potential. > > Now a firewall that acts as a bridge could probably handle that... dunno... > > I think it is more that as the focus on TCP/IP over the past 10 years has > increased, the use of other protocols and more importantly, non routable > protocols such as dlc and netbios/netbeui usage has decreased to the extent > there is not a big market. > Sorta VHS vs Beta, the market and the marketers chose the winner. > > > > > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Friday, 26 January 2001 10:49 AM > To: [email protected] > Subject: [FW1] why not a bridge? > > > > Can anyone explain why Sun is the only company that seems to produce a > firewall that runs as a bridge? I can't see why this isn't a more common > practise. > > -- --Paul ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|