Firewall Wizards mailing list archives
Re: Forrester Research foresees death of firewalls
From: "Kevin T. Shivers" <kts () clark net>
Date: Wed, 16 Jun 1999 21:33:17 -0400 (EDT)
WARNING: This rant comes from an 18 year old recent high school graduate, so take what I say with a grain of salt. Oh, and feel free to send graduation cards and money to.... (just joking :) ) On Tue, 15 Jun 1999, SMITH, Michael @Ottawa wrote:
Forrester has written a report called "Turning Security On Its Head." The
God I hope my higher-ups don't see this.
of this restrictive approach, many firms are oblivious to new technologies like application security middleware that enable easy access to corporate systems. These companies miss the eCommerce boat as more progressive competitors seek alternative ways to open up the back-end."
OK, forgive my daftness, but why would an e-commerce site need to have "easy access to corporate systems"? I would think that e-commerce systems would be fairly self contained and could all be placed in front of the firewall or in the DMZ. I would think that most of the commerce related systems (web server, inventory, payment and order systems, etc.) of big e-commerce sites like amazon.com would be this way and the rest of the systems (corporate, accounting, IT, what have you) would be well protected behind a firewall or two.
Expanding on the notion of sharing responsibility, the report says, "Deploying firewalls to deny bad connections, inspect content, authenticate users, and encrypt traffic will result in network traffic grinding to a halt. Instead, distribute protection throughout the enterprise using routers, Web servers, and application servers. Unite these components through hooks to x.509 certificates, LDAP directories, and policy management systems like Axent's Enterprise Security Manager."
I don't know about you all, but my network operates just fine with my firewall doing everything listed above and more. I'd also like to know where Forrester grows their money off of trees since my funds certainly are limited. I agree with people who say that firewalls are not enough and that more measures are needed, but a firewall protecting the front gate seems to be a good start, and is a lot cheaper and a lot less time consuming than tryng to secure everything in the entire enterprise. I'd also like to know how they fit 50 hours into a day to accomplish the feats needed to unite everything like this together. :)
that bad -- they have provided a stopgap measure for initial Internet security problems. However, we concur with Shiller [sic] that firewalls are no panacea. But before they get ripped out entirely, firewalls will continue in their roles as enforcement points."
I don't think that firewalls will ever go away, as many other people on this list have stated. A firewall is part of a strong security backbone that a company connected to the internet needs to have. Or at least that is what has been pounded into my head my countless people, articles, posting, books, etc. Just call me a product of peer pressure. :) kts -- Kevin T. Shivers NT & UNIX Systems Mutiliator Shivers Consulting http://www.clark.net/pub/kts kts () clark net My words are just that: mine. They do not represent the words of my employers or clients.
Current thread:
- Forrester Research foresees death of firewalls SMITH, Michael @Ottawa (Jun 15)
- Re: Forrester Research foresees death of firewalls Rama Kant (Jun 15)
- Re: Forrester Research foresees death of firewalls Rick Smith (Jun 16)
- Re: Forrester Research foresees death of firewalls Technical Incursion Countermeasures (Jun 16)
- Re: Forrester Research foresees death of firewalls Tim Kramer (Jun 16)
- Re: Forrester Research foresees death of firewalls Adam Shostack (Jun 20)
- Re: Forrester Research foresees death of firewalls David LeBlanc (Jun 20)
- Re: Forrester Research foresees death of firewalls Adam Shostack (Jun 21)
- Re: Forrester Research foresees death of firewalls David LeBlanc (Jun 20)
- Re: Forrester Research foresees death of firewalls Kevin T. Shivers (Jun 20)
- Re: Forrester Research foresees death of firewalls Paul D. Robertson (Jun 20)
- Re: Forrester Research foresees death of firewalls Joseph S D Yao (Jun 21)
- <Possible follow-ups>
- RE: Forrester Research foresees death of firewalls sean . kelly (Jun 16)
- Re: Forrester Research foresees death of firewalls Robert Graham (Jun 20)
- Re: Forrester Research foresees death of firewalls Bennett Todd (Jun 21)
- Re: Forrester Research foresees death of firewalls David LeBlanc (Jun 21)
- Re: Forrester Research foresees death of firewalls Bennett Todd (Jun 21)
- RE: Forrester Research foresees death of firewalls sean . kelly (Jun 20)
- RE: Forrester Research foresees death of firewalls sean . kelly (Jun 21)
- RE: Forrester Research foresees death of firewalls Doug Hughes (Jun 22)
- Re: Forrester Research foresees death of firewalls Stephen P. Berry (Jun 22)
- RE: Forrester Research foresees death of firewalls Doug Hughes (Jun 22)
(Thread continues...)
- Re: Forrester Research foresees death of firewalls Rama Kant (Jun 15)