RE: Shuttle & via epia... now firewalls

["BUTLER, Tony, FM" <tony.butler@xxxxxxx>]

> I sort of agree and disagree with what you say:

That's neither a good nor a bad thing :)

> I agree with you that a Via board is ludicrously overpowered
> for running the firewall for a domestic LAN on broadband. A
> second-hand P90 with a 10Mb HDD would be fine, and should
> come in about =A330 in a local PC fair.
>
> I disagree that the solution is to run other services on a
> firewall. PC hardware is _not_ capable of serving firewall
> functions as well as serving resources to the internal network.

These two statements appear at odds with each other:
If a 2nd hand P90 will do the job of a firewall, why will a Via board with = a
1Gig (or there abouts) processor not be more than capable of the same
functionality + a bit more besides?
Firewall software, simplistically does little more than say "hello pac= ket.
Do I know you and am I allowed to let you in(or out)?".
Bandwidth wise, well even my super duper 1meg connections is just that - 1<= BR> meg.  The lan is 100 meg (or 10 if you're living in the past still) so=
you're not gonna be killing the network card on the firewall pc either.
So where's the problem?

> If you are going to go to the trouble of having a firewall,
> then do it properly. Don't compromise it by adding lots of
> security holes.

This is a different issue about what is considered good practise etc WTR firewalls and network security.
IIRC, the 'preferred' method involved something like 3 pc's to make your network as secure as possible (I can check this later if I can find the
relevant book) which is fine for a corporate network with shed loads of
sensitive data.
If I used a PC as firewall and media server & someone manages to copy a= ll
the media off said server well, it's not the end of the world is it?
I have the CD's, I may even have a backup - I can recreate the media server=
element of it.
I wouldn't put my business/personal documents on there no, but I don't see<= BR> music (albiet 1000's of files) being a major issue if someone gets hold of<= BR> it - other than to blackmail me over some of my dodgy early musical tastes<= BR> :)

anyway, don't we all have hardware routers these days with firewalling buil= t
in? :)


Tony


********************************************************************
      Visit our Internet site at http://www.rbsmarkets.com

This e-mail is intended only for the addressee named above.
As this e-mail may contain confidential or privileged information,
if you are not the named addressee, you are not authorised to
retain, read, copy or disseminate this message or any part of it.
The Royal Bank of Scotland is registered in Scotland No 90312
Registered Office: 36 St Andrew Square, Edinburgh EH2 2YB
Regulated by the Financial Services Authority
********************************************************************

For more information: http://www=
.automatedhome.co.uk 
Post message: ukha_d@xxxxxxx 
Subscribe:  ukha_d-subscribe@xxxxxxx 
Unsubscribe:  ukha_d-unsubscribe@xxxxxxx 
List owner:  ukha_d-owner@xxxxxxx

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.