Solved

UDP Error Correction and Firewall data feeds

Posted on 2013-12-23
3
511 Views
Last Modified: 2013-12-23
If UDP contains very little error correction and no compensation for lost packets, why are firewalls using it?  Seems that Firewalls might not be receiving all that is necessary to do an adequate job of protection.
0
Comment
Question by:brothertruffle880
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Accepted Solution

by:
Jon Snyderman earned 250 total points
ID: 39736368
I actually answered this on your previous post but my answer got removed when the moderator stepped in.

It is not about "using" UDP.  It is about filtering, then allowing or denying the packets.   Many common applications and protocols such as VoIP and IPSec, require UDP as part of the spec.  So, firewalls need to be able to pass it and allow or deny it.   They can not proxy it for the reasons that you stated.  

I think that my last answer was a little more in depth, but does this explain it?
~Jon


I hope im not going to get in trouble for this ;)
0
 
LVL 6

Assisted Solution

by:RaithZ
RaithZ earned 250 total points
ID: 39736373
It is used because the loss of packets is not something that happens normally, and UDP has much lower overhead when compared to TCP.  Even systems like DNS use UDP as the primary protocol for requests.
0
 

Author Comment

by:brothertruffle880
ID: 39736432
Many thanks for --once again-- providing crystal clear answers to my questions.  I really appreciate it.  Beyond what you could realize.
And happy holidays too!   ¿
DID YOU READ MY RESPONSE TO THE MODERATOR?    If you didn't please read it.  It crystalizes precisely what is increasingly annoying about EE.   It also clarifies who I am in this community and --more importantly-- what I am NOT!
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_28324170.html


I'm getting tired of having to  post questions defensively.  Of always "watching my back."  I'm paying a fortune to be able to get answers and then I get slapped down by an organization that doesn't doesn't bother to understand semantic nuances.

Based on this... and earlier incidents, I'm looking for alternative means of obtaining technical solutions.  EE has taken their customers for granted for too long and I've reached my tipping point.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Start Cisco VPN AnyConnect Client Before Windows Login 4 62
Cisco ASA 5505 firewall open port 4 56
Cisco 3650x ACL 8 51
VHDx Hyper V bad performance different locations 9 56
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question