RE: Multiple firewalls from different manufactureres

["Paul D. Robertson" <paul () compuwar net>]

On Fri, 28 Jan 2005, Hurst, Dave wrote:

> That may be the case for some small shops, but I'm wondering if that's
> really the case for organizations that have more complex networks.  If

Sometimes they're worse.  Most of my examples are larger organizations.  I
heard of one that averaged 35 rule changes a day too.

> you're segmenting the network into subnets to isolate different parts of
> the organization or to contain mobile users, providing secure access for
> remote users, connecting geographically distributed locations with VPN
> links, providing extranet services to customers, or any of a dozen other
> things that are driving complexity in the network infrastructure these
> days, then deploying a just single firewall seems untenable.

Yet it seems to meet the "We have a firewall" criterion- then it becomes
"We have a huge, expensive firewall!"  then two...

If folks planned better, they'd have fewer issues, but mostly in large
organizations coordination is a real headache.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards