Firewall Wizards mailing list archives
RE: DMZ, defined.
From: dreamwvr <dreamwvr () dreamwvr com>
Date: Tue, 26 Jan 1999 12:48:28 -0700
Since DMZ is taken how about calling it the 'The Pen' seems to fit from my understanding of the language;) Since according to definition namely 'Webster Dictionary' it is a enclosure for animals. Well since the big I is often called 'The Wild' it works for me:) Regards, dreamwvr () dreamwvr com At 09:32 PM 1/21/99 -0500, Paul D. Robertson wrote:
On Thu, 21 Jan 1999, graham, randy wrote:So now we have a language expert. This talk about what a DMZ "really" is seems to miss one extremely important feature of language - change. JustAn equally important feature of language is to use traditional meanings to communicate effectively.check out the OED (Oxford English Dictionary) sometime. The meaning of a word changes over time. John, you no more have the right to give an absolute definition than anyone else here. I think beyond saying that theYet not pointing out a generally accepted meaning to a term that has traditionally been used in a field can cause confusion.DMZ is a less heavily protected region somewhere in our network arena (and even some people might disagree with this broad use), we really aren't
going
to have a general agreement on where exactly the DMZ goes.In traditionally firewalling terms, a DMZ is a network inside of our network boundary but outside of our bastion host. Wanting it to be anything else doesn't automatically make it so.So an area behind a/the firewall off a third NIC cannot be called a DMZ.It can be called "Grape Kool-aid", but that doesn't make it such or follow established tradition.Why not? Because you don't want to call it that? I put some equipmentNo, because such networks have traditionally been labled as "service networks", in keeping with the fact that they are offered some form of protection by the bastion host, and therefore topologically different than the tradtional DMZ.there work, but try to offer some protection. Why can't I call this a DMZ if that's what I think of as the DMZ? It is fairly open, but I restrictYou can, but when you speak with others in the firewall community they'll think you mean something else. There's nothing stopping you from calling it a "protected internal network" either. Just don't expect others who are using the terminology built up in the field over a long period of time to (a) understand you, or (b) follow your terminology whims.what I can. I track as well as I can what goes in and out there. It doesn't have any more access to my internal net than the outside world. What's missing here?What's missing is several years of firewalling architecture discussions which have built up some commonly used terminology.I really don't mean to be a jerk about this (I get to be a jerk at work enough that I don't need to act like that on mail lists to meet my daily recommended allowance). In fact, I've enjoyed your recent postings and learned quite a bit these past couple of days. But please don't tell me
how
I can define a term. As long as everyone with whom I speak knows how I use the term, it should be fine. I do know now what you mean by DMZ, but IThis causes ambiguity. There's _more than enough_ ambiguity with terms such as "firewall", we really don't need more.don't use the term the same. As long as we know this about each other, we can communicate effectively, and that is where we really need to be.I'd question how effectively you can communicate, or what you do to a field by redefining terms to suit an individual whim. If I tell my mechanic that the spark plug wire is bad, and I mean the previously established definition of spark plug wire which I and my friends use to mean "left indicator bulb", I've added confusion for no great reason. Perhaps a better question would be what we gain from your use of a term which hasn't traditionally been used in the way in which you seem to want to use it. As far as I can see, we gain ambiguity and confusion. I'm not the language police, but I probably wouldn't agree to calling it "freebled whatsit network four" either. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () clark net which may have no basis whatsoever in fact." PSB#9280
Reuters, London, February 29, 1998: Scientists have announced discovering a meteorite which will strike the earth in March, 2028. Millions of UNIX coders expressed relief for being spared the UNIX epoch "crisis" of 2038. _______________________________________________________________________ DREAMWVR.COM - TOTAL WEB INTEGRATION, DEVELOPMENT, DESIGN SERVICES. Featuring Website Development and Web Strategies of a TOP Developer <http://www.dreamwvr.com/dynamicduo.html> <mailto:dreamwvr () dreamwvr com> "As Unique as the Company You Keep." "===0 PGP Key Available ________________________________________________________________________
Current thread:
- DMZ, defined. John Kozubik (Jan 20)
- WinNT and Firewall-1 Alyea (Jan 21)
- RE: DMZ, defined. Andrew J. Luca (Jan 21)
- <Possible follow-ups>
- Re: DMZ, defined. Chris Kostick (Jan 21)
- Re: DMZ, defined. dreamwvr (Jan 26)
- RE: DMZ, defined. graham, randy (Jan 21)
- RE: DMZ, defined. Paul D. Robertson (Jan 26)
- RE: DMZ, defined. dreamwvr (Jan 27)
- RE: DMZ, defined. Paul D. Robertson (Jan 27)
- Re: DMZ, defined. Joseph S D Yao (Jan 28)
- RE: DMZ, defined. David LeBlanc (Jan 27)
- RE: DMZ, defined. Paul D. Robertson (Jan 26)
- Re: DMZ, defined. Jon E. Hetty (Jan 21)
- RE: DMZ, defined. graham, randy (Jan 26)
- RE: DMZ, defined. Paul D. Robertson (Jan 26)
- RE: DMZ, defined. Ken_Stephens (Jan 26)
- RE: DMZ, defined. Chris Crozier (Jan 27)
- Re: DMZ, defined. Steve Bellovin (Jan 27)
- RE: DMZ, defined. Glenn Larsson (Jan 28)