nanog mailing list archives
Re: Telco's write best practices for packet switching networks
From: Rob Quinn <rquinn () sec sprint net>
Date: Wed, 6 Mar 2002 10:35:24 -0500
When you've got a deployed server, run by clueful people, dedicated to a single task, firewalls are not the way to go.
Probably. And I would certainly rate "clueful people" _far_ above a firewall when it comes times to prioritize your security needs and resources.
What are you going to do with a firewall?
Compared to your average application, firewalls often have -better logging (more detail, adjustable, not on the vulnerable device); -vendors focused on security; -add-ons like IDS that can benefit from the superior logs; -firewall admins focused on security and who do security every day; -better response capability for unplanned/unanticipated security issues.
chose a resilient and flame tested daemon, and watch the patchlist for it.
You've never seen a security vendor come out with a patch or workaround before an application vendor? -- | Opinions are _mine_, facts Rob Quinn | | are facts. (703)689-6582 | | rquinn @ sec.sprint.net | | Sprint Corporate Security | | Computer Incident Response Team |
Current thread:
- Telco's write best practices for packet switching networks Sean Donelan (Mar 06)
- Re: Telco's write best practices for packet switching networks Ron da Silva (Mar 06)
- Re: Telco's write best practices for packet switching networks Eric Brandwine (Mar 06)
- Re: Telco's write best practices for packet switching networks Rob Quinn (Mar 06)
- Re: Telco's write best practices for packet switching networks Eric Brandwine (Mar 06)
- Re: Telco's write best practices for packet switching networks Eric Brandwine (Mar 06)
- Re: Telco's write best practices for packet switching networks Ron da Silva (Mar 06)
- Message not available
- Re: Telco's write best practices for packet switching networks Kelly J. Cooper (Mar 06)
- Re: Telco's write best practices for packet switching networks Sean Donelan (Mar 08)
- Re: Telco's write best practices for packet switching networks Vadim Antonov (Mar 08)
- Re: Telco's write best practices for packet switching networks Leo Bicknell (Mar 08)
- Re: Telco's write best practices for packet switching networks Sean Donelan (Mar 11)
- Re: Telco's write best practices for packet switching networks Jake Khuon (Mar 11)
- Re: Telco's write best practices for packet switching networks Sean Donelan (Mar 11)
- Re: Telco's write best practices for packet switching networks Ratul Mahajan (Mar 12)
- Re: Telco's write best practices for packet switching networks Joe Abley (Mar 12)
- Re: Telco's write best practices for packet switching networks Kelly J. Cooper (Mar 06)