[ previous ] [ next ] [ threads ]
 
 From:  Jim Thompson <jim at netgate dot com>
 To:  "Sancho2k.net Lists" <lists at sancho2k dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] icsa certified
 Date:  Wed, 23 Mar 2005 20:01:37 -1000
On Mar 23, 2005, at 12:04 PM, Sancho2k.net Lists wrote:

> Chris Buechler wrote:
>
>> If anybody is willing to pay the $25K USD per classification per year
>>  to certify it, I'm sure it could be done.  The only certified 
>> firewalls on their list [1] are commercial, since no open source 
>> project has the cash for certification.
>
> Or since no one really cares?
>
> I see too many products on their list that meet their criteria that I 
> wouldn't touch with a 40-foot pole. It reminds me of the security 
> criteria that OS vendors are expected to meet in order to be certifed 
> on one of the U.S. government's various security safe lists. When I 
> don't see BSD on the list but I do see Windows 2000 I have a hard time 
> taking it seriously.

ICSA is one of those remnants of the "firewall wars", circa 1995 or so. 
   (Netgate was originally the name
of the firewall/ipsec product that smallworks(.com, now my blog) 
produced.)

Likely that if you want to sell to corporations, you'll want it.  If 
you're inside the corp, deploy m0n0 (or pfsense) and be done with it.

jim