[68819] in North American Network Operators' Group
Re: Firewall opinions wanted please
daemon@ATHENA.MIT.EDU (Eric Gauthier)
Wed Mar 17 12:32:15 2004
Date: Wed, 17 Mar 2004 12:19:53 -0500
From: Eric Gauthier <eric@roxanne.org>
To: nanog@merit.edu
In-Reply-To: <200403171654.i2HGsvx17307@karoshi.com>; from bmanning@karoshi.com on Wed, Mar 17, 2004 at 08:54:57AM -0800
Errors-To: owner-nanog-outgoing@merit.edu
> > _Everyone_ (network connected) should have a firewall. My grandma should
> > have a firewall. Nicole, holding dominion over this business network and
> > its critical infrastructure, should _definitely_ have a firewall. ;)
By "firewall", do you mean "dedicated unit that does statefull filtering"
or just "something that will block packets"? We've successfully argued
to just about every group here at our University who came to us asking for a
"firewall" that, given what they wanted to achieve, they could accomplish the
same thing with simple ACLs...
I'm sure that the cost of the ACL's (i.e. $0.00) versus the cost of a firewall
also helped them in their decision...
Eric :)
