Security Basics mailing list archives
The VIA Model for Evaluating Security Technologies
From: Daniel Miessler <daniel () dmiessler com>
Date: Wed, 11 Mar 2009 09:17:37 -0500
Here's a short piece I just did on the differences between the various security technologies, e.g. ACLs, firewalls, IPS, WAFs, etc. The idea is that there are only three components to a network security technology: -- Visibility -- Identification -- Action ...and that more advanced technologies are simply better in one or more of these areas. I'd like to hear if there thoughts on the model, i.e. whether it's too simple or where it might break down under scrutiny. I also discuss briefly (and in the comments) a possible future where "security points" are placed at all trust boundaries, e.g. between networks, between networks and hosts, and even between hosts and applications. The idea is that these security points will have ALL of the components of a security system (layers 2-7) in each instance, and based on where the system resides it will use the various types of functionality. Anyway, comments welcome. I think it's an interesting discussion. http://dmiessler.com/blog/the-via-model-of-security-filtering-technologies -- Daniel R. Miessler W: http://dmiessler.com/ E: daniel () dmiessler com P: 510 400 2685 G: 0xD4A8FFF6
Current thread:
- The VIA Model for Evaluating Security Technologies Daniel Miessler (Mar 11)