Firewalls Ready for Evolutionary Shift

Discussion in 'other firewalls' started by ronjor, Dec 1, 2007.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,770
    Location:
    Texas
    Article
     
  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    interesting read.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    I assume that this doesn´t apply to home user firewalls? Perhaps a stupid question but I´m not exactly an expert when it comes to firewalls. To me a firewall needs to offer good inbound and outbound protection, but data control would be a nice extra.
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    What are we actually looking at with this article?

    Let me explain my question.

    With home firewalls (such as what we see,... ZA, OP, OA, jetico (to mention only few) etc), we see application control. these will allow applications to connect out (or not) based on user rules. Most high end firewalls (for gateway~ use by companies etc) put forward filtering via protocol, some as with application layer protocol control.

    Per application as been available for the home user for a long time, but does not reflect/give actual layer/per protocol control to a depth of actual protocol protection differentiation.

    Basically: Do you know what applications are making connections. As put forward in the artical, all apps will be making HTTP,.. so what,... we can control this with basic firewalls.

    Maybe I have read it incorrectly??
     
  5. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    The article is all about enterprise/perimeter firewalls.
    Personally, I don't want Deep Packet Inspection to be performed at hosts.
    I really like the UTM solutions available today for free, so I do "DPI" at the gateway level and "classic" packet filtering (with binding to applications) on the hosts.
     
  6. benton4

    benton4 Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    158
    Location:
    Oregon
    Wow, what an article! So, why wouldn't the home user be affected by this? Many people own small businesses, or have the ability to connect to where they work? Businesses and home users alike should be insterested in this. I'm curious if companies like Comodo, for example, have any of this change in their firewall? Mind you, I am by no means a techi, so I could be misinterpreting this whole thing. Is this one of the reasons why people are trying to understand and use HIPS programs?
     
  7. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I thought this was already being done, like Zorp etc. o_O
     
  8. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    This is old news. Application specific hw firewalls (deep packet inspection combined with stateful packet inspection) have been sold for years already. Maybe they are now finally gaining ground on a larger scale.
     
Loading...
Thread Status:
Not open for further replies.