Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Firewall RISKS

From: andrew.c.howard () exxon com
Date: Wed, 16 Jun 1999 10:21:56 -0500
I vote for firewalls to be *included* in a good security stance, as a generalization.  Sure, there are other ways to 
put up defense on the perimeter, but are these ways within the understanding and knowledge of the "general" schmuck 
that many times gets tagged with doing security, as a collateral duty?  (that is a different discussion).

Are firewalls (all the different sorts) an *easy* way out?  As we have heard on this list, they aren't always so easy.  
But, they seem to be well understood by many people, so lots of assistance available.  For large organizations, they 
can be a cost effective way to tackle many/some of the security concerns.  They are not the end all, but can be a good 
start, helping discourage at least the door rattlers.

Sure, a risk assessment will help you determine what needs to be protected, to what level, for what cost.  Some of the 
non-firewall solutions may be fine in certain situations.  I, as a personal policy, do not trust the users to follow 
policies (if, for no other reason, the disgruntled employee), so I will implement solutions that do not depend on them. 
 If they actually do follow policy and/or secure their own machines, that is gravy.

Fire when ready, Gridley.

---------Andy Howard   :-)
*      andrew.c.howard () exxon com <mailto:andrew.c.howard () exxon com> 

<<< lots of point/counterpoint snipped to get to key point, as I see it >>>>

        The question isn't whether or not most networks -are- set up that way, <with firewalls >
        the question is whether or not most networks -need- to be set up that way[3].
        You seem to be asserting that they do.  My contention is that there are
        other ways.
Previous By Date Next
Previous By Thread Next

Current thread: