UDP Error Correction and Firewall data feeds

If UDP contains very little error correction and no compensation for lost packets, why are firewalls using it?  Seems that Firewalls might not be receiving all that is necessary to do an adequate job of protection.
brothertruffle880Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Jon SnydermanConnect With a Mentor Commented:
I actually answered this on your previous post but my answer got removed when the moderator stepped in.

It is not about "using" UDP.  It is about filtering, then allowing or denying the packets.   Many common applications and protocols such as VoIP and IPSec, require UDP as part of the spec.  So, firewalls need to be able to pass it and allow or deny it.   They can not proxy it for the reasons that you stated.  

I think that my last answer was a little more in depth, but does this explain it?
~Jon


I hope im not going to get in trouble for this ;)
0
 
RaithZConnect With a Mentor Commented:
It is used because the loss of packets is not something that happens normally, and UDP has much lower overhead when compared to TCP.  Even systems like DNS use UDP as the primary protocol for requests.
0
 
brothertruffle880Author Commented:
Many thanks for --once again-- providing crystal clear answers to my questions.  I really appreciate it.  Beyond what you could realize.
And happy holidays too!   ¿
DID YOU READ MY RESPONSE TO THE MODERATOR?    If you didn't please read it.  It crystalizes precisely what is increasingly annoying about EE.   It also clarifies who I am in this community and --more importantly-- what I am NOT!
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_28324170.html


I'm getting tired of having to  post questions defensively.  Of always "watching my back."  I'm paying a fortune to be able to get answers and then I get slapped down by an organization that doesn't doesn't bother to understand semantic nuances.

Based on this... and earlier incidents, I'm looking for alternative means of obtaining technical solutions.  EE has taken their customers for granted for too long and I've reached my tipping point.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.