Firewall Wizards mailing list archives
RE: Re: Air Gaps vs. Firewalls
From: Rick Smith <rick_smith () securecomputing com>
Date: Wed, 04 Oct 2000 09:57:11 -0500
At 08:32 AM 10/4/00, Frederick M Avolio wrote:
I think this is of the main point, though. Simply put, is there a place for a device that enforces a provable disconnect between two network (say the Internet and the network containing a corporations most precious assets)?
Absolutely. I liked the air-gap article in Information Security Magazine, which did a reasonable job of covering the topic. I'm just a little short tempered when a real time continuous data link *without* any physical disconnect is called an "air gap." There ought to be a genuine physical "gap" somewhere instead of just electron flux in a bunch of switching transistors. But I'm just old fashioned, or a technical nit picker, or paranoid, or something.
Done correctly, something like e-gap or mandatory access control can provide a "sally port" or "man trap" for data to give the system an opportunity to interrupt its flow. That interruption provides a perfect opportunity for security screening. It's just that I don't think such screening is the same as an "air gap." Strictly speaking, I think the e-gap sounds like as promising a technology as anything I've heard of. I'm skeptical about its commercial prospects, though, since oddball products don't tend to get past the small "paranoids" market and into the mainstream.
Disclosure: I work for the manufacturer of Sidewinder, and have had lots to do with it over the years. Sidewinder relies on mandatory access control.
Rick. smith () securecomputing com _______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- RE: Re: Air Gaps vs. Firewalls, (continued)
- RE: Re: Air Gaps vs. Firewalls rreiner (Oct 03)
- RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
- Re: Re: Air Gaps vs. Firewalls Chuck Swiger (Oct 04)
- Log monitoring / alerting Jean Caron (Oct 09)
- RE: Re: Air Gaps vs. Firewalls Ryan Russell (Oct 04)
- RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
- RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
- RE: Re: Air Gaps vs. Firewalls rreiner (Oct 03)
- RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
- RE: Re: Air Gaps vs. Firewalls Frederick M Avolio (Oct 04)
- RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
- Re: Air Gaps vs. Firewalls Rick Smith at Secure Computing (Oct 14)
- Re: Air Gaps vs. Firewalls Talisker (Oct 20)