Re: [Theory] Time for a new FWTK? (long)

[David Collier-Brown <davecb () canada sun com>]

Rick_Giering_at_mpg003 () ccmailgw mcgawpark baxter com wrote:
>      To me, a firewall is supposed to :
>         1) protect against private information flowing out
>         2) protect against malicious applets flowing in
>         3) controlling what content internal users can access
>         4) protect against malicious users gaining access inside.
>         5) protect against DOS attacks on machines available for public
>      use.
>         6) Add your own "supposed to" here...

        I suspect that we will also see a need for inter-
        and intra-departmental ``firewalls'', and in
        the short term, inter-partner firewalls.

        This will slowly raise the complexity level to the 
        point where single-point-of-presence solutions, the
        things we're currently calling firewalls, will be
        insufficient.

        There will be a new service in use then...  but
        we'll probably still call it a ``firewall''.
        The only useful speculation I can make is that
        it will apply a hierarchical policy to a large
        number of somethings, with considerable local
        involvement.

--dave
-- 
David Collier-Brown,  | Always do right. This will gratify some people
185 Ellerslie Ave.,   | and astonish the rest.        -- Mark Twain
Willowdale, Ontario   | davecb () hobbes ss org, canada.sun.com
M2N 1Y3. 416-223-8968 | http://java.science.yorku.ca/~davecb