[68828] in North American Network Operators' Group
RE: Firewall opinions wanted please
daemon@ATHENA.MIT.EDU (Matt Ryan)
Wed Mar 17 13:35:07 2004
From: "Matt Ryan" <Matt.Ryan@telewest.co.uk>
To: "'Eric Gauthier'" <eric@roxanne.org>, nanog@merit.edu
Date: Wed, 17 Mar 2004 18:33:54 -0000
Errors-To: owner-nanog-outgoing@merit.edu
Depending on your chosen vendor the ACL cost is unlikely to be $0 - if you
steal CPU cycles from packet forwarding then you incur earlier router
upgrade costs and that has a NPV cost increase associated with it. It's just
not as obvious as a invoice for a firewall.
Matt.
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
Eric Gauthier
Sent: 17 March 2004 17:20
To: nanog@merit.edu
Subject: Re: Firewall opinions wanted please
> > _Everyone_ (network connected) should have a firewall. My grandma
should
> > have a firewall. Nicole, holding dominion over this business network
and
> > its critical infrastructure, should _definitely_ have a firewall. ;)
By "firewall", do you mean "dedicated unit that does statefull filtering"
or just "something that will block packets"? We've successfully argued
to just about every group here at our University who came to us asking for a
"firewall" that, given what they wanted to achieve, they could accomplish
the
same thing with simple ACLs...
I'm sure that the cost of the ACL's (i.e. $0.00) versus the cost of a
firewall
also helped them in their decision...
Eric :)
------------------------------------------------------------------------------
Live Life in Broadband
www.telewest.co.uk
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material.
Statements and opinions expressed in this e-mail may not represent those of the company. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer.
==============================================================================
