On Mon, 2004-08-09 at 12:48, Mike O wrote: > John, > > Would you mind elaborating on your comment about Netfilter's stateful engine > being weaker than Checkpoint's? and how would the window tracking patch make > it more secure. We have checkpoint here and have ran into problems, where > checkpoint has limited us in the way we do things here and I have always > wanted to implement netfilter but couldn't because it's open source. <snip> I would imagine that you could find "commercial" products that are using iptables and thus get around the open source problem. Astaro, SnapGear and iKloak come to mind. I believe some WatchGuard models are based upon iptables. There are also some other smaller players such as SmoothWall (in the UK), Kyzo, NetMAX and NetMaster. -- John A. Sullivan III Chief Technology Officer Nexus Management +1 207-985-7880 john.sullivan@xxxxxxxxxxxxx --- If you are interested in helping to develop a GPL enterprise class VPN/Firewall/Security device management console, please visit http://iscs.sourceforge.net
