Firewall Wizards mailing list archives
Re: Hardware vs. Software firewall reliability
From: Vin McLellan <vin () shore net>
Date: Thu, 9 Sep 1999 04:05:02 -0400
Bill Stout wrote:
What is the current feel of hardware vs. software firewalls?
Marcus J. Ranum wrote:
I figure in a few years firewalls, intrusion detection systems, and most dedicated servers will be appliances -- unless there remains a large corps of dedicated folks who _enjoy_ screwing around with operating systems. (I mean, I _enjoy_ it, but as a hobby, not part of my job. My job is to make things work, and fiddle-ware isn't attractive to senior management in most places anymore)
There was a time when every electric motor had a specialist called an engineer assigned to support it. Now, it would be a very unusual car owner who had the faintest idea how many electric motors are built into his vehicle? Economics and the attractiveness of a narrowly dedicated functionality push us in the same direction. Did you notice the single-chip "IPic" webserver announced recently -- with an estimated cost of manufacture less than $1? The more limited the functionality (smaller, cheaper), the lower the value of programmability -- that is, the lower the demand for access (and flexibility) in the program. You may change the time on your standard electronic watch, but you are not going to learn to reprogram it. Also, the earlier the function of a device is bound into it, the more resistant it typically is to corruption (e.g., virus, worm, or Trojan Horse attacks) or other types of interference. Bill Murray of Deloitt preaches about this. With reference to the single-chip web server, he wrote: .> Note that the hardware for the iPic already costs less than a .>dollar; the value is in the software. However, while the unit cost .>of the hardware is constant (at least in the short term), the unit .>cost of the of the software falls with the number of units. In the .>long run, the value is not in the hardware (container, substrate, .>structure, as you will) or software (function) but in the data. Suerte, _Vin
Current thread:
- RE: Hardware vs. Software firewall reliability, (continued)
- RE: Hardware vs. Software firewall reliability Jules Veloria (Sep 11)
- RE: Hardware vs. Software firewall reliability Aaron D. Turner (Sep 11)
- Re: Hardware vs. Software firewall reliability Bill Pennington (Sep 08)
- Re: Hardware vs. Software firewall reliability Christopher C. Petro (Sep 18)
- Re: Hardware vs. Software firewall reliability David Klann (Sep 08)
- Re: Hardware vs. Software firewall reliability Josh Robb (Sep 08)
- Re: Hardware vs. Software firewall reliability Ryan Russell (Sep 08)
- Re: Hardware vs. Software firewall reliability Marcus J. Ranum (Sep 08)
- RE: Hardware vs. Software firewall reliability Lart (Sep 09)
- RE: Hardware vs. Software firewall reliability Lart (Sep 11)
- RE: Hardware vs. Software firewall reliability Lart (Sep 09)
- Re: Hardware vs. Software firewall reliability Vin McLellan (Sep 09)
- RE: Hardware vs. Software firewall reliability Bill Stout (Sep 09)
- RE: Hardware vs. Software firewall reliability Ryan Russell (Sep 12)
- Tripwire like perl program Siglite (Sep 14)
- RE: Hardware vs. Software firewall reliability dwelch (Sep 14)
- RE: Hardware vs. Software firewall reliability Joe Ippolito (Sep 14)
- RE: Hardware vs. Software firewall reliability Bill Stout (Sep 14)
- RE: Hardware vs. Software firewall reliability Tina Bird (Sep 18)
- RE: Hardware vs. Software firewall reliability Joe Ippolito (Sep 18)
- Re: Hardware vs. Software firewall reliability Chenggong Charles Fan (Sep 18)
- RE: Hardware vs. Software firewall reliability dwelch (Sep 18)
(Thread continues...)