[ale] hardware firewall

Bob Toxen transam at cavu.com
Fri Sep 10 17:00:50 EDT 2004


On Fri, Sep 10, 2004 at 01:28:08PM -0500, Preston Boyington wrote:
> I am needing a hardware firewall in order to connect from a home machine
> to a company LAN.  Although I like using Freesco, the IT department
> really prefers me using a hardware firewall if I am going to have access
> to the network.
As someone else mentioned, there really is no such thing as a hardware
firewall.  It still will have a standard processor in it.

What distinguishes a "hardware" firewall is the lack of configurability
and software upgradability.

> Anyone have a preference?  I've not needed one before, so I am not >
familiar with them.

The important thing about a firewall is the configuration and that
should be done by someone experienced at it.  That means more than just a
"1 week Cisco class" to learn what the commands do.

When I do security audits on companies, usually the firewall has been
so badly configured as to be almost worthless.  Since you are bridging
between the Internet and your company, any mistakes here will allow the
entire company to be compromised.

I suggest a Linux-based firewall professionally configured.

> Thanks,
> Preston

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002




More information about the Ale mailing list