Hmm, yes. At least one router vendor (with sufficient processing power) is doing this... Here is a pointer to some basic info on Bay Networks' implementation, dating from last September. http://www.baynetworks.com/Products/Briefs/baysecrs.html Tim Crowell wrote:
With all of the recent attacks against ISP services, has anybody considered implementing Checkpoint Firewalls into the CISCO 7513s to front end all traffic from the Internet?
Although in theory this sounds feasible from a security standpoint I'm not sure I am comfortable with the processing power that would be required and having anything looking at every packet. It seems that this would introduce a significant latency into the routing of the traffic (which is the function of a router or at least it used to be). I prefer to let my routers route.
Interested in any and all ideas on the subject.
-- Tim Crowell - GTE Intelligent Network Services tcrowell@gte.net Voice: 214.751.3881
-- Paul Knight mailto:pknight@BayNetworks.com IP Engineering, Systems Test Office: (508) 916-7087 Bay Networks, Inc. M/S BL2-02 Lab: (508) 670-8888, x-65404 2 Federal St., Billerica, MA 01821 Fax: (508) 670-4004