Firewall Wizards mailing list archives

Re[2]: [Theory] Time for a new FWTK? (long)

From: Rick_Giering_at_mpg003 () ccmailgw mcgawpark baxter com
Date: Tue, 2 Dec 1997 10:39:57 -0600

Author:  David Collier-Brown <davecb () Canada Sun COM> writes:

Rick_Giering_at_mpg003 () ccmailgw mcgawpark baxter com

wrote:

     To me, a firewall is supposed to :
        1) protect against private information flowing

out

        2) protect against malicious applets flowing in
        3) controlling what content internal users can access
        4) protect against malicious users gaining access inside.
        5) protect against DOS attacks on machines available for

public

     use.
        6) Add your own "supposed to" here...


I suspect that we will also see a need for inter- and
intra-departmental ``firewalls'', and in
the short term, inter-partner firewalls.

I agree on both counts. But, I don't think many will because of two reasons
        A) Lack of perceived need.
        B) Hardware and Administrative cost
        C) Perceived cost to the business

Most companies don't perceive the need for a strong security 
group. Also, the current trend has been to bring down the 
political walls between groups and departments inside a 
company. I don't see how management will agree to erect 
techincal walls let alone agree to spend money and resources 
on such a project. 

Lastly, I think most management will perceive a 
"compartmentalized" network infrastructure as costing the 
business productivity. Especially since most tools available 
today won't work in a firewalled type of environment.

This will slowly raise the complexity level to the point
where single-point-of-presence solutions, the things we're
currently calling firewalls, will be insufficient.

I agree.

There will be a new service in use then...  but we'll
probably still call it a ``firewall''. The only
useful speculation I can make is that it will apply a
hierarchical policy to a large number of somethings,
with considerable local involvement.

--dave
-- 
David Collier-Brown,  | Always do right. This will gratify some people 
185 Ellerslie Ave.,   | and astonish the rest.        -- Mark Twain 
Willowdale, Ontario   | davecb () hobbes ss org, canada.sun.com
M2N 1Y3. 416-223-8968 | http://java.science.yorku.ca/~davecb

Current thread:

Re: [Theory] Time for a new FWTK? (long) Rick_Giering_at_mpg003 (Dec 01)
- Re: [Theory] Time for a new FWTK? (long) David Collier-Brown (Dec 03)
- Re: [Theory] Time for a new FWTK? (long) Bennett Todd (Dec 03)
- Re: [Theory] Time for a new FWTK? (long) Ted Doty (Dec 03)
- <Possible follow-ups>
- Re[2]: [Theory] Time for a new FWTK? (long) Rick_Giering_at_mpg003 (Dec 03)
  - Re: Re[2]: [Theory] Time for a new FWTK? (long) Bennett Todd (Dec 03)
- Re[2]: [Theory] Time for a new FWTK? (long) Rick_Giering_at_mpg003 (Dec 03)