Firewall Wizards mailing list archives
Re: segmentation of DMZs
From: Carson Gaspar <carson () taltos org>
Date: Sun, 17 Nov 2002 00:35:34 -0500
--On Sunday, November 17, 2002 12:56 AM +0100 Mikael Olsson <mikael.olsson () clavister com> wrote:
High operational / debugging complexityWhy? All of a sudden I can even get logs of all connections opening and closing, which I couldn't easily get before. I can even do monitoring and alerting when connections that I expect to happen suddenly _aren't_ happening between two boxes!
True, if you run all of (Network, Hosts, Firewalls). If 3 (or more) different groups run them, it becomes nasty - fingerpointing fiesta. Also, any complex config has a larger chance of bit rot as change management happens, especially with staff turnover.
-- Carson _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Mainframes on the Net? Don Kendrick (Nov 13)
- Re: Mainframes on the Net? Paul Robertson (Nov 13)
- Re: Mainframes on the Net? Barney Wolff (Nov 13)
- segmentation of DMZs Shimon Silberschlag (Nov 14)
- Re: segmentation of DMZs Paul D. Robertson (Nov 14)
- Re: segmentation of DMZs Carson Gaspar (Nov 14)
- Re: segmentation of DMZs Mikael Olsson (Nov 16)
- Re: segmentation of DMZs Carson Gaspar (Nov 17)
- Re: segmentation of DMZs Miles Sabin (Nov 15)
- RE: segmentation of DMZs Ofir Arkin (Nov 18)
- Re: Mainframes on the Net? Paul Robertson (Nov 13)
- Re: Mainframes on the Net? Lorens Kockum (Nov 14)
- <Possible follow-ups>
- RE: Mainframes on the Net? Scott, Richard (Nov 13)
- RE: Mainframes on the Net? Noonan, Wesley (Nov 13)
- RE: Mainframes on the Net? Desai, Ashish (Nov 14)
- RE: Mainframes on the Net? Paul D. Robertson (Nov 14)
- RE: Mainframes on the Net? ark (Nov 15)
- RE: Mainframes on the Net? Paul D. Robertson (Nov 15)