[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf vs ASIC firewalls



On Mon, 14 Mar 2005 15:33:02 +0000, Ryan McBride <[email protected]> wrote:
> On Mon, Mar 14, 2005 at 03:50:23PM +0530, Siju George wrote:
> > Could Someone please tell me the advantages of PF against Firewalls
> > using the ASIC technology in terms of Security and perfomance??
> 
> If there is a bug in pf, we'll tell you, and  you can apply a patch.
> 
> If there is a bug in your ASIC, and the vendor tells you at all, there
> are two options: go back to doing the packet processing in the
> underpowered CPU, or replace the hardware.
> 
Thankyou so much Ryan for replying to this message and thankyou so
much for al your efforts on this project :)))
I saw this
http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt
so there they provide a way to upgrade the OS withou replacing the firewall.
mainly I put this post because of this "new news" being spread around
that ASIC firewalls can have good perfomance where firewalls like PF
fails when there is heavy traffic. It made me wonder whether the
perfomance of ASIC firewalls were brought about at the cost of some
security?
thank you so much once again for the reply :)))
kind regards
Siju