Firewall Wizards mailing list archives
Re: Air Gap info from Whale's founder
From: Frederick M Avolio <fred () avolio com>
Date: Sun, 15 Oct 2000 22:02:05 -0400
Rick, I don't mean to presume anything. It just seems that some of your comments come from not really understanding the product. I could be terribly mistaken about this, of course, but that's the only way I could explain some of what you say.
but let me assure you that the differences from a security standpoint between the e-Gap System and a typical (lets say Check Point) firewall are much greater than the differences between such a firewall and a router. So if you agree on the distinction between the firewall category and the router category, you should have no problem accepting the Air Gap category.Trust me, just about every high end firewall vendor does what you're trying to do: redefine the market categories to make your product sound special. Here at
Well... I've only been involved in one way or another with firewalls since 1991 when the first commercial firewall was delivered to the first commercial customer. I think it is a different product category. We seem to disagree.
This is an incredibly bad approach to network security architecture. You don't put a 3 ton safe door over one entrance to the bank vault and a cheap fire door from Home Depot over the other.
What Elad suggested -- the picture he painted -- is not equivalent to the analogy you present. The approach that Elad suggests is not "incredibly bad" in my professional opinion. Maybe you misunderstand. In your other reply (to Avi Nagar), you mention content screening. Focusing on that just makes me think you're looking at this wrong. But then you mentioned the insider threat -- something that everyone on this list already understands, and yet we still put in firewalls -- which just puzzles me.
Normally, I'd not weigh in at all, but your note -- probably not intentional -- with it's dogmatic statements begs for someone to say "I disagree." It;'s fine that we disagree on what is sufficient security for the case in point. And your answers to Avi Nagar also make it clear that you and I differ on some security philosophy basics.
Fred Avolio Consulting, Inc. 16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US +1 410-309-6910 (voice) +1 410-309-6911 (fax) http://www.avolio.com/ _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- Air Gap info from Whale's founder Elad Baron (Oct 11)
- Re: Air Gap info from Whale's founder Rick Smith at Secure Computing (Oct 14)
- Re: Air Gap info from Whale's founder Frederick M Avolio (Oct 16)
- <Possible follow-ups>
- Air Gap info from Whale's founder Paz (Oct 12)
- Re: Air Gap info from Whale's founder Rick Smith at Secure Computing (Oct 14)