Air Gaps vs. Firewalls

[Avi Nagar <avi () adm co il>]

> There ought to be a genuine physical "gap" somewhere instead of just
electron flux in a bunch of switching transistors. But I'm just old
fashioned, or a technical nit picker, or paranoid, or something.

Just very naive to think something like that could be done without any
electrical connection and still be for online transactions.

Really wouldn't it be perfect if firewalls and even Sidewinder had no
fault states or backdoors?

Combining "air-gap" technology with products such as eGap and good
firewall solution does provide a better secured practical env. for
e-business systems that must not put all balls in one basket (firewall),
plus the increasing security of internal db and applications from
outside penetration.

> Now, the proprietor might be worried about 'security' and tolerate some
'least privilege' to get it. But it's never a goal in itself, except for
technically oriented security people.

Aiming such a product to every small office web application you may have
a point, but this is hardly the case on large and complex e-business
applications.

Disclosure:  I work for security integration company and we found eGap a
good complimentary solution for physical separation along with
adjustable and easy to use content restriction tool.

Avi Nagar




_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards