Security Basics mailing list archives
RE: Distributed Firewall
From: "Chris Peden" <cpeden () sundownerinteriors com>
Date: Fri, 25 Apr 2003 11:22:41 -0500
3com makes a NIC based firewall. Thanks, -Chris- IT Director Sundowner Interiors -----Original Message----- From: A Packard (Bugtraq) [mailto:bugtraq_posts () firegoblin com] Sent: Thursday, April 24, 2003 11:08 AM To: security-basics () lists securityfocus com Subject: RE: Distributed Firewall There are quite a few commercial firewall products that are designed for installation on a single machine, there's a version of CheckPoint FW-1 that is for host based protection rather than network protection and it integrates seamlessly into FW-1/Provider-1 management systems. -----Original Message----- From: David Gillett [mailto:gillettdavid () fhda edu] Sent: 23 April 2003 18:11 To: 'Kendric'; security-basics () lists securityfocus com Subject: RE: Distributed Firewall
-----Original Message----- From: Kendric [mailto:Kendric () hotpop com] Hi, just wondering if any of you guys heard of this concept of distributed firewall? I have done some research on it and found it to be quite a wonderful concept into bringing the firewall platform to each client/server end with a central management policy. In other words, it is like having a personal firewall on each individual machine, but centrally managed by a remote management console. In this way, we will not have to put any trust even on the machines on the intranet. Any comments?
I think the idea probably has some merit as part of a "defence in depth" approach. But I don't think it's sufficient on its own, because the resources that need to be protected do not exist just on the individual machines. The network which connects them -- upon which this approach DEPENDS rather heavily! -- lies outside the boundary of what can be protected this way. A network which includes both gateway firewalls and individual host security is going to be a harder nut to crack than a network that relies on only one or the other approach. And centralised administration of individual-host firewalls is an idea whose time is surely here. David Gillett ------------------------------------------------------------------------ --- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ------------------------------------------------------------------------ ---- --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.470 / Virus Database: 268 - Release Date: 08/04/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.470 / Virus Database: 268 - Release Date: 08/04/2003 ------------------------------------------------------------------------ --- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ----------------------------------------------------------------------------
Current thread:
- Re: Distributed Firewall, (continued)
- Re: Distributed Firewall Hannes Tschofenig (Apr 24)
- RE: Distributed Firewall A Packard (Bugtraq) (Apr 24)
- RE: Distributed Firewall Ken Kousky (Apr 25)
- Re: Distributed Firewall Shadow (Apr 24)
- Re: Distributed Firewall Kendric (Apr 24)
- RE: Distributed Firewall Jared Valentine (Apr 25)
- RE: Distributed Firewall Conor F. Sibley (Apr 24)
- Re: Distributed Firewall Marcelo Olguin (Apr 24)
- Re: Distributed Firewall Joerg Over (Apr 24)
- Re: Distributed Firewall Hannes Tschofenig (Apr 24)
- RE: Distributed Firewall Chris Peden (Apr 25)
- RE: Distributed Firewall JAVIER OTERO (Apr 28)
- RE: Distributed Firewall Seth Knox (Apr 28)