RE: Where do firewall Admins Sit in An Company

[Tony Miedaner <miedaner () twcny rr com>]

Thanks for the response

At 10:38 AM 6/3/2003 -0700, you wrote:

> More often than not I see large enterprises battling over who controls
> the firewalls. Network engineering says they're routers, Information
> Security says they're access control devices, and upper management
> swings back and forth.

  I am wrestling with where the fw admin function should be in a policy 
weak organization.  Also from a point of view that coordination of effort 
are much more difficult when multiple managers and multiple admins are 
involved.  I often look at projects and say to my peers I used to build 
that in a day or two.  Now it takes weeks and months to get things done.



> Some may say they're both correct. I don't think so. While it is true
> that more often than not (some firewalls are bridging) firewall devices
> route packets between networks, it is the underlying operating system
> that is handling the direction of traffic and not the firewall software.
> True, in some cases the line between operating system and firewall
> software may be blurred, but it's still there.

I've always viewed firewalls as neither and both (i.e., they are special 
purpose devices).  Built for a specific function - enforce policy.  It 
seems to be a statement when a network person calls a firewall a 
"router".  Is it a router because it "routes" - doesn't that make every 
machine with a NIC a router?:-) 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards