Why can't L3 Cisco switches (with ACLs) replace firewalls?
Posted on 2013-11-14
This is a very basic question:
Instead of buying firewalls (e.g. Checkpoint, Netscreen, ASA),
can we just buy Cisco switches & implement ACLs?
Unless they're application firewalls (which inspect the content),
I thought hardware firewalls (e.g. Checkpoint, Netscreen) block &
permit by ports, which is what ACLs are doing too? Yes or no?
So in what ways are those dedicated firewalls (Checkpoint, Netscreen)
more secure than L3 ACLs?