I know a bit about the multilayer architecture of ISS Proventia appliances as well. While they are not, strictly speaking firewalls, they do deep packet analysis in a stateful machine. Firewalls on the other hand are basically routers implemented in hardware with layer 2-3 switches put on top of them for performance purposes. A firewall that purports to be all things to all men will often suffer from performance problems, e.g. dropped packets unless it is a big honking thing, or, it can deployed as a load balanced cluster across your virtual switch ports.

I work in IT and I know an ad when I see it.

For most folks - a router, a firewall, anti-virus software, and a decent anti-spyware software - spybot s&d - and common sense will take care of 99.9% of the issues.

Pax

Pax,

While I agree with some things you've said I don't agree with the "most folks" part. I would have said "some folks."

There are literally tens of millions of zombies/drones/bots cruising the Net, delivering spam, packeting various targets, sitting on IRC and numbering in the millions, and lost in the ether because their C2 has been removed by the good guys. I'm talking at any particular minute during the day.

Ad or not, "most folks" aren't able to keep this at bay. Not to mention the fact that the story is targeting business and not the home. The business is where the computer clueless congregate.

There are about 80 PCs at the place I do some of my work and, while the routers keep them from actually getting online, (The place is shut up tight.) there are still bots found running on them so often it surprises me. Why? The answer to that is in the relatively clueless people who sit at them.

I left out one important point I wanted to make: Routers, software firewalls and antivirus suites do not come with built-in common sense for the user to install in their brains. :)

I sincerely hope this is not the "new direction" of the Machinist.