LNS and DPI (Frederic please take a look)

Discussion in 'LnS English Forum' started by FWPilgrim, Sep 7, 2008.

Thread Status:
Not open for further replies.
  1. FWPilgrim

    FWPilgrim Registered Member

    Joined:
    Aug 29, 2008
    Posts:
    7
    Hi,Frederic,
    I hope LNS is going to develop a DPI(Deep Packets Inspection) technology for the future versions.
    And I want to know whether there has already been a plan to develop that?
    In my opinion ,Lns, such a wonderful firewall should be in lead in that technology,am I right?;)
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi FWPilgrim,

    No there was no plan yet in that direction.
    I'm afraid it is something very big, an IDS is firstly required (before talking about DPI), and there are today specific applications for that purpose (like snort).
    What would be possible is to have a better interaction between IDS (and DPI if some applications already exist) and FW to block IP/Ports in the FW as soon as something abnormal/strange is detected by the IDS/DPI.

    Since DPI scope is very large, maybe you had something more specific in mind ?

    Thanks,

    Frederic
     
  3. FWPilgrim

    FWPilgrim Registered Member

    Joined:
    Aug 29, 2008
    Posts:
    7
    Oh, that's sort of pity. But I still hope we will see the breakthroughs in the near future. Maybe now you can initiate the project in your mind, if there's a need.
    OK, anyway,thanks for your reply.
    Good luck!:thumb:
     
  4. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    FWPilgrim - Don't take this personally. LnS is very rigid in its vision in terms of adding new features, even borderline resistant to change/improvement. It is not a firewall you want to use if you are looking for a cutting-edge product.
     
  5. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    .. I'm thinking Payload filtering module like how CHX-I done it in v3, persons could take it from there..

    ... n8chavez, You can't expect features to be included over night, also if they aren't being requested beyond an individual bases.



    Regards,
    Phant0m``
     
  6. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    That is not the case. As we have discussed provately many times, everything I have requested I have been doing so for literally years. That, I suspect, is more than enough time. Or, at least, give me a reason other than "LnS is a strict firewall." Well, duh! That lack of vision is exactly what I am commenting on here.

    You seemed to have agreed with me before. But I understand if you want to save face here.
     
  7. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Unless it's really something he knows would excite his customers, he won't implement usually unless it's massively being requested for. I see requests, but I don't see these being massively requested for (or at least on the forums anyways).

    Has nothing to-do with keeping face, I agreed there's couple of features been requested couple of times, but it's a far cry from being massively requested by Look 'n' Stop customers.



    Regards,
    Phant0m``
     
  8. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    DPI would be nice. Also, since rules can apply to applications, a GUI interface prompting to help create additional rules would be nice.
     
Thread Status:
Not open for further replies.