A firewall normally is a protocol enforcer rather than a content filter, although some firewalls (Symantec Raptor) can have content filtering as well. The different kinds of firewalls enforce protocols at different stack layers. Application Gateways (like Gauntlet and Raptor) enforce the application layer (HTTP, FTP, SMTP etc.) while stateful inspection enforce the transport layer (TCP streams). A content filter is looking at the semantics of the stream, not just the syntax. -----Original Message----- From: firewalls-owner@Lists.GNAC.NET [mailto:firewalls-owner@Lists.GNAC.NET]On Behalf Of Zachary Uram Sent: Wednesday, June 06, 2001 13:23 To: David Ishmael Cc: firewalls@Lists.GNAC.NET Subject: RE: Content Filtering i thought a firewall WAS a content filter? i don't understand please elucidate On Wed, 6 Jun 2001, David Ishmael wrote: > Yeah, I've heard the same thing. From my understanding, the best solution > is to have a firewall AND a content filtering tool. You should never use a > content filter as a means of firewalling a network. From what I've read, > doing a firewall/filter solution is secure (if there is such a thing). ;) > > David Ishmael, CCNA, IVCP > Senior Network Management Engineer > Windward Consulting Group, Inc. > Phone: (703) 283-7564 > Pager: (888) 910-7094 > eFax: (425) 969-4707 > Fax: (703) 351-9428 > mailto:dishmael@windwardcg.com > mailto:9107094@skytel.com > > > - [To unsubscribe, send mail to majordomo@lists.gnac.net with "unsubscribe firewalls" in the body of the message.]