[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Checkpoint FW-1 vs. Proxy Firewalls

To: fw-1-mailinglist@lists.us.checkpoint.com
Subject: [FW1] Checkpoint FW-1 vs. Proxy Firewalls
From: karimi@ca.ibm.com
Date: Mon, 31 May 1999 17:36:30 -0400
Sender: owner-fw-1-mailinglist@lists.us.checkpoint.com





Hello

Could someone please tell me if proxy-type firewalls inspect the data within the
frame for
actual hacking/cracking or offensive commands vs. a stateful-inspection firewall
which i am led
to believe doesn't examine the actual payload.

i have heard that proxy-type firewalls (ex: IBM's E-Firewall or Secure-IT
Blackhole)  examine the actual
contents of the data at Layer 7 (application layer) - hence, if someone embedded
some offensive
commands, it would be caught.

Could someone please elaborate on whether a filtering firewall like Checkpoint
can do
this, or only with the addition of the "plug-in" content-security servers (SMTP,
etc).

Thanks




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] NT Server & Workstation Service.
Next by Date: RE: [FW1] Implicit client auth - breaks in 4.0?
Prev by thread: [FW1] Restricting HTTP access by internal users
Next by thread: [FW1] Implicit client auth revisited
Index(es):
- Date
- Thread