Firewall Wizards mailing list archives
Re: State of security technology for the enterprise
From: Marcin Antkiewicz <firewallwizards () kajtek org>
Date: Thu, 30 Apr 2009 00:13:24 -0500
The underlying architecture is very important to providing control.
I doubt that the original poster's question can be answered without the rest of the relevant information. What is the environment? What systems/data will be protected? Under what regulation? What budget? How big is the staff? What's the infrastructure? What's the organization's experience dealing with IT Sec risks? A laundry list of technology is meaningless - each of the pieces must work with the others, and satisfy some business need. If the latter part is neglected, funding tends to dry up in 2-3 years. Justification to the business does not have to be extravagant, but it must be well done, and in language and context that the business understands.

ArkanoiD is correct, the biggest Sidewinder is worthless if the application folks decide to include passwords in JavaScript. I know of a few places that try to correct such creativity with iRules on F5s, but that's just a race that the org is going to lose. Sidewinders and F5s are not needed, secure SDLC will fix that problem. Add a decent development process to the Sidewinders and the F5s and the org will be doing quite well, but that's very expensive - it requires cooperation of IT Sec and App Delivery, which cannot be purchased.

I think I am trying to say that Security is a process, and cannot be bought (in a sustainable manner), but that we all know already.

--
Marcin Antkiewicz