[146340] in North American Network Operators' Group
Re: Firewalls - Ease of Use and Maintenance?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Wed Nov 9 13:31:36 2011
To: Joe Greco <jgreco@ns.sol.net>
In-Reply-To: Your message of "Wed, 09 Nov 2011 08:00:01 CST."
<201111091400.pA9E01lg081698@aurora.sol.net>
From: Valdis.Kletnieks@vt.edu
Date: Wed, 09 Nov 2011 13:29:43 -0500
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1320863383_2580P
Content-Type: text/plain; charset=us-ascii
On Wed, 09 Nov 2011 08:00:01 CST, Joe Greco said:
> > On Wed, Nov 09, 2011 at 03:32:45PM +0300, Alex Nderitu wrote:
> > > An important feature lacking for now as far as I know is content/web
> > > filtering especially for corporates wishing to block
> > > inappropriate/time wasting content like facebook.
> > 1. That's not a firewall function. That's a censorship function.
> Is it "censorship" not to want unwanted connection attempts to our
> gear, and block unsolicited TCP connections inbound?
> Is it "censorship" not to want unwanted exploit attempts to our
> gear, and run everything through ClamAV, and use blocklists to
> prevent users inadvertently pulling content from known malware sites?
I do believe that Alex was saying "blocking outbound access to time wasters
like Facebook" is a censorship function, not a firewall function.
--==_Exmh_1320863383_2580P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFOusaXcC3lWbTT17ARAnthAJ9M6H+ztSx8XiLxU11dMcMh1e5hOACgmfyh
APiHhF9XkXQ0/Sb80tFRM28=
=GPiH
-----END PGP SIGNATURE-----
--==_Exmh_1320863383_2580P--
