ACLs vs. full firewalls
While there are no specific audit requirements, overall traffic auditing
(not just for dropped packets) is definitely something I'm considering.
One way of gathering this data without using a firewall would seem to be
NetFlow; I don't think NetFlow specifically calls out (or even shows?)
traffic blocked by ACLs though, which could be a point for consideration.
Eric Gauthier wrote:
> Michael,
>
> Do you have logging or audit requirements to your filters?
> We use ACLs almost everywhere for non-stateful filtering, but
> there are a few locations (e.g. HIPAA) that require an
> audit trail which is perhaps better accomplished by a firewall.
>
> Eric :)
> [...]