hardware firewall buying

I think the record speaks volumes. You are an obsessed lunatic.

Reply to
Spender
Loading thread data ...

Quite,

Why are you telling me this, tell him. You'll get no argument from me. I am not the one claiming that MJR got it all wrong.

He has, on several occasions. A linksys wrt-54gs is a 'low end unit' the last time I looked.

Incorrect, he has this very evening claimed that 'uncertified' solutions are not firewalls.

A wrt-54gs running sveasoft provides equivalent if not better functionality than a Netscreen 5XT.

A NS 5XT is not a 'low end unit'.

Pointing out the circular nonsense at the heart of his argument is not 'nitpicking'.

'upset' ?

How could one possibly be 'upset' to see someone's regularly repeated cobblers implode when it was pointed out that Watchguard products are no longer ICSA certified.

Therefore by their own logic, the product is a 'hope to be' firewall solution, always the bridesmaid, never the bride.

I haven't laughed so hard in ages.

greg

Reply to
Greg Hennessy

I agree with the above two paragraphs.

Reply to
Leythos

Please show me where independent testing shows that the solution provides clear protection against some set of tests.

What scans/tests have been run against the solution and what level of firmware was the tested device running?

Reply to
Leythos

Leythos wrote in news:oDy1h.20136$ snipped-for-privacy@tornado.ohiordc.rr.com:

Anyone who computer is permitting unwanted "outbound" traffic needs to format their harddrive and rebuild their machine; they've been hopelessly compromised at that point.

Yo!

Reply to
Yohann

Really? It sounds like some craziness. I wonder why, maybe it's due to some alley happenings and some bitch-slapping that never happened and should have happened. Maybe, some bitch-slapping needed to be done at that time to knock some kind of sense into you.

So what about a driver that's on the computer that's sending outbound and the person tracks it down to the driver and disables the driver or removes the driver?

So, should the person just wipe out and format HD on that too?

One shoe doesn't fit all nor does one situation/solution fit all.

Reply to
Duane Arnold

There's no firewall needed or useful for such a task.

Honestly, if it's an undocumented obscure behaviour, I'd treat this system as compromised and act accordingly.

Filtering out postings from Leythos does fit. Well, maybe expect for himself.

Reply to
Sebastian Gottschalk

Spender wrote in news:rrqdk25i0tii143vka13gbq1idc38qgbp9 @news.easynews.com:

Which in my experience is 90% plus of PC users.

Brian

Reply to
Skywise

Leythos skriver:

Doesn't the ablity to by soft keys to upgrade performance, means that someware in the software is a built in downgrade oc preformace so it doesn't give you full speed untill you pay more. Features I can understand and accept, performace sound hard to accept.

/ Balp

Reply to
Anders Arnholm

Testing can never show that something works, that is just abouve the possibilities of testing. The only thing you can show by testing is that something doesn't work. You can only find problems never correctness, so a tested and certified firewall isn't show to be working, only that the tests didn't find any problems.

There may still be even more problems on the certified hardware, solution than on other solutions, testing can never tell anything about this.

/ Balp, amoung other stuff certified tester.

Reply to
Anders Arnholm

Leythos skriver:

Do you understand the basic fundations of what testing is? What do you think shuch testing can show, do you think is as usefull as "independet" benchmarks. (The kind of stuff you get from paying a company to run tests against your product that sais thats it better woring that something else.)

After having worked with the code for some of the major firewall manifactures, (certified by your loved testers) and other open code, I know that OpenBSD code will win everyday. The number of problems in that code are far less. However they are not directly certified anyware.

/ Balp

Reply to
Anders Arnholm

Leythos skriver:

Test can never arcihe your goal, you are correct in that no testing doesn't prove it will work. However the oposite is also true all the tesing in the world can't prove that it will work. You are as bad out with the tested as the non tested solution.

With certifications you are still on your own, the difference is nill, nada. Certification tell you that the marketing department think that the badge looks good and will fool someone into beling that they don't have to test and verify by them selfs. It sell some kind of good feeling, keeping the marketing happuy, adding much to your cost.

Thaing itn for that it proves something about security or quality is the wrong appratch. It proves about the willingness to pay and maybe about the finasical state of the provider. This can be usefull information, but it's still doesn't talk about security.

/ Balp

Reply to
Anders Arnholm

Oh Gawd, not this specious nonsense again.

By that logic, the Watchguard products you peddle are no longer fit for any purpose because they have no ICSA certification.

Are you seriously suggesting that no one should buy Watchguard products until they are 'independently' tested and can demonstrate 'clear protection' as a consequence.

Simple question, yes or no.

Reply to
Greg Hennessy

Actually, it makes complete sense - they built a product that provides X, Y, Z levels of performance, the hardware in the device is more than capable of providing the highest (Z) level of performance, but, people don't want to pay for that level, and it doesn't make sense to put slower components into a device, since the cost of electronic devices is about the same for this type of product...

If someone can't afford a level Z product, and they don't need a level Z product, why would you want them to pay for it at level Z. I think it's great that they provided a product that can be key upgraded without me having to buy a new appliance, without having to change my rule set, without having to take the network down for more than 30 seconds, etc...

This methods puts the device in hands of people that can afford the level of performance they want.

Reply to
Leythos

If they don't regain their status, which is currently being questioned, then I won't recommend them any more. That being said, they still show that their products are certified on their own website, and their products were certified as of June this year, and I'm waiting on a reply from WG, which has indicated it's talking with them about why they were no longer listed.

It does seem strange to me that WG Firewalls that were listed on the site in June, without any changes, are not listed any more - in fact, not a single WG product, and there were many, is currently listed. I suspect that they are still certified, but there is something wrong with the list - but I've not had a reply from them yet.

Reply to
Leythos

The usual evasive nonsense one has come to expect.

Call yourself a professional ?

How could you possibly recommend a product that has no ICSA certification 'today'.

Please provide the 'independent' testing demonstrates that the solution provides clear protection against some set of tests.

Are you going to tell your existing customers that the product you sold them cannot possibly be considered as a firewall ?

greg

Reply to
Greg Hennessy

The products that have been recommended and purchase by the customers were certified at the time of purchase, with the same level of firmware running on them - nothing has changed that.

Are you always unable to understand anything.

Reply to
Leythos

I think you're on a few kill/hit lists yourself, don't you think with the XP FW.

Reply to
Mr. Arnold

I don't KF anyone, especially Sebastian or VB, they're always good for a moment when you need a repeated mantra that doesn't work for most people.

Reply to
Leythos

Could be. And God bless them. The only maintenance 90% of car drivers can do is fill the gas tank.

I don't care to much about the number of clueless PC users because:

  1. I make money off of helping them.
  2. Their infected systems are no threat to my secured and patched system.
Reply to
Spender

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.