Firewall Wizards mailing list archives
Firewall administration.
From: Darren Reed <darrenr () cyber com au>
Date: Mon, 29 Sep 1997 20:22:01 +1000 (EST)
Anton, I think there's other factors here which contribute to the "personel" problem. One of them is what the firewall & Internet connection provide _to_ the company (in terms of $$). At the moment, it's primary access to email, WWW and other Internet based resources. What value does that have to a multi-billion $ company ? And in smaller companies where there is increased pressure to make sure there is a profit being returned, the availability of budget money may not be a part of the current scheme of things. Why ? Well, I partly think this is due to the commodity nature of firewalls. If my manager decides tomorrow that he wants an Internet connection and firewall yesterday, has budget for the equipment but balks at the suggestion of another $50k/yr staff member (who will have little or no direct role in increasing the revenue of the company), do you think he'll put off the purchase of the equipment & connection until HR can find and employ the right person ? And that leads us to the current dilema many are noticing. Reviews of firewalls based on the GUI 1st and security 2nd. Why ? Because firewall experts are costly (if they even want to work permanently!) and training a person to the required level is also going to be quite costly. Thus relying on skilled people to configure them is to nobody's advantage so the presence of user-friendly interfaces becomes a must. Even then, if that person leaves, what next ? I think the presence of an easily usable GUI is a *must* for any serious commercial firewall. It should make it *hard* for the user to do things which will create security problems (but not impossible!) and *easy* for them to configure their firewall securely. But that doesn't justify the reviewers using the GUI as the #1 index. Darren
Current thread:
- firewalls and the incoming traffic problem Marcus J. Ranum (Sep 28)
- Re: firewalls and the incoming traffic problem Paul D. Robertson (Sep 28)
- Re: firewalls and the incoming traffic problem Jyri Kaljundi (Sep 29)
- Re: firewalls and the incoming traffic problem Aleph One (Sep 28)
- Re: firewalls and the incoming traffic problem neil d. quiogue (Sep 29)
- Re: firewalls and the incoming traffic problem Aleph One (Sep 30)
- Re: firewalls and the incoming traffic problem neil d. quiogue (Sep 29)
- Re: firewalls and the incoming traffic problem Darren Reed (Sep 28)
- Re: firewalls and the incoming traffic problem Bennett Todd (Sep 29)
- Re: firewalls and the incoming traffic problem Leonard Miyata (Sep 30)
- <Possible follow-ups>
- Re: firewalls and the incoming traffic problem Anton J Aylward (Sep 28)
- Firewall administration. Darren Reed (Sep 29)
- Re: Firewall administration. Bennett Todd (Sep 30)
- Firewall administration. Darren Reed (Sep 29)
- RE: firewalls and the incoming traffic problem Itai Dor-on (Sep 28)
- Re: firewalls and the incoming traffic problem Bennett Todd (Sep 29)
- RE: firewalls and the incoming traffic problem Dana Nowell (Sep 29)
- Re: firewalls and the incoming traffic problem Paul D. Robertson (Sep 28)