Security Basics mailing list archives

RE: Distributed Firewall

From: "Chris Peden" <cpeden () sundownerinteriors com>
Date: Fri, 25 Apr 2003 11:22:41 -0500

3com makes a NIC based firewall.

Thanks,
-Chris-
IT Director
Sundowner Interiors
 


-----Original Message-----
From: A Packard (Bugtraq) [mailto:bugtraq_posts () firegoblin com] 
Sent: Thursday, April 24, 2003 11:08 AM
To: security-basics () lists securityfocus com
Subject: RE: Distributed Firewall


There are quite a few commercial firewall products that are designed for
installation on a single machine, there's a version of CheckPoint FW-1
that
is for host based protection rather than network protection and it
integrates seamlessly into FW-1/Provider-1 management systems.

-----Original Message-----
From: David Gillett [mailto:gillettdavid () fhda edu]
Sent: 23 April 2003 18:11
To: 'Kendric'; security-basics () lists securityfocus com
Subject: RE: Distributed Firewall

-----Original Message-----
From: Kendric [mailto:Kendric () hotpop com]

Hi, just wondering if any of you guys heard of this concept
of distributed
firewall? I have done some research on it and found it to be quite a
wonderful concept into bringing the firewall platform to each
client/server
end with a central management policy. In other words, it is
like having a
personal firewall on each individual machine, but centrally
managed by a
remote management console. In this way, we will not have to
put any trust
even on the machines on the intranet. Any comments?


  I think the idea probably has some merit as part of a "defence
in depth" approach.
  But I don't think it's sufficient on its own, because the
resources that need to be protected do not exist just on the
individual machines.  The network which connects them -- upon
which this approach DEPENDS rather heavily! -- lies outside
the boundary of what can be protected this way.

  A network which includes both gateway firewalls and individual
host security is going to be a harder nut to crack than a network
that relies on only one or the other approach.  And centralised
administration of individual-host firewalls is an idea whose time
is surely here.

David Gillett



------------------------------------------------------------------------
---
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam,
the
world's premier event for IT and network security experts.  The two-day
Training features 6 hand-on courses on May 12-13 taught by
professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no
vendor
sales pitches.  Deadline for the best rates is April 25.  Register today
to
ensure your place.
http://www.securityfocus.com/BlackHat-security-basics
------------------------------------------------------------------------
----

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.470 / Virus Database: 268 - Release Date: 08/04/2003

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.470 / Virus Database: 268 - Release Date: 08/04/2003


------------------------------------------------------------------------
---
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam,
the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by
professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no
vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today
to 
ensure your place.
http://www.securityfocus.com/BlackHat-security-basics 
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts.  The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches.  Deadline for the best rates is April 25.  Register today to
ensure your place.  http://www.securityfocus.com/BlackHat-security-basics
----------------------------------------------------------------------------

Current thread:

Re: Distributed Firewall, (continued)
- - Re: Distributed Firewall Hannes Tschofenig (Apr 24)
  - RE: Distributed Firewall A Packard (Bugtraq) (Apr 24)
  - RE: Distributed Firewall Ken Kousky (Apr 25)
- Re: Distributed Firewall Shadow (Apr 24)
  - Re: Distributed Firewall Kendric (Apr 24)
  - RE: Distributed Firewall Jared Valentine (Apr 25)
- RE: Distributed Firewall Conor F. Sibley (Apr 24)
- Re: Distributed Firewall Marcelo Olguin (Apr 24)
- Re: Distributed Firewall Joerg Over (Apr 24)
- Re: Distributed Firewall Hannes Tschofenig (Apr 24)
- RE: Distributed Firewall Chris Peden (Apr 25)
- RE: Distributed Firewall JAVIER OTERO (Apr 28)
- RE: Distributed Firewall Seth Knox (Apr 28)