Worms, Air Gaps and Responsibility

["Paul D. Robertson" <paul () compuwar net>]

Hospitals, banks, the U.K. Coast Guard...  The damage from the latest
Microsoft-based worm isn't as widespread as that from the last one, but
it's pretty darned bad in point cases.

Why do people continue to connect critical production networks to
user/administrative networks?

Surely networking equipment is cheap enough that a real honest air gap
(not some marketingspeak switch thingie) isn't all that difficult to
deploy?

Air gaps make great firewalls.  They rarely need upgrading, they're
low-power and low-heat, and they're less filling and taste great.

Worst-case, a few low-end firewalls to segment the users off from the
production stuff should be a no-brainer these days.

All the money, effort and time people are spending on IDS, IPS, and all
the other buzzword-compliant devices, and yet we still don't have good
solid separation and segmentation in places where, one would expect that
the responsibility for running a critical network would require some level
of protection to be displayed.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards