Search squid archive

Re: pros/cons squid vs next generation firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I would recommend comparing capabilities based on your access control requirements. For instance with squid, you can easily limit a POST to something like https://s3.amazonaws.com  but deny a POST to https://s3.amazonaws.com/* ; some firewalls cannot get that granular without complexity of the rules. Why this particular example is important, is because it allows one to create an S-3 bucket but not put anything in it; this way you can limit to which S-3 buckets one is authorized to access and how (i.e. GET vs POST). While this may not be relevant to your company's requirements, think of what are your company's requirements and make sure the solution meets all those requirements.

 

Joe

From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> on behalf of Antony Stone <Antony.Stone@xxxxxxxxxxxxxxxxxxxx>
Date: Monday, July 25, 2022 at 7:29 AM
To: squid-users@xxxxxxxxxxxxxxxxxxxxx <squid-users@xxxxxxxxxxxxxxxxxxxxx>
Subject: Re: pros/cons squid vs next generation firewall

NetApp Security WARNING: This is an external email. Do not click links or open attachments unless you recognize the sender and know the content is safe.




On Monday 25 July 2022 at 13:22:23, Dieter Bloms wrote:

> Hello,
>
> I run some Squid proxy servers in conjunction with ICAP virus scanners
> and I'm very happy with them. Our company now wants to replace them with
> a checkpoint next generation firewall. Do you have some arguments that
> speak for the further operation of the Squid proxies?

I would always start by asking what the justification for changing is, and see
whether you can show that it's not valid (or has drawbacks the people
advocating the change haven't thought of).


Antony.

--
BASIC is to computer languages what Roman numerals are to arithmetic.

                                                   Please reply to the list;
                                                         please *don't* CC me.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux