Firewall Wizards mailing list archives

RE: Time for a new FWTK?

From: Bret Watson <lists () bwa net>
Date: Thu, 27 Nov 1997 09:53:41

At 01:05 PM 11/26/97 -0500, Bill Stout wrote:

Another thought.  AFA 'expert analysis', that can be put in a central
box, and the departmental firewalls could in effect, ask the dictator
box, "Is this O.K. to pass?".  Client/server distributed firewall
architechture.  NC firewalls.  Other proxy people responsible for 'suck
brain-damaged protocols'.


How about this then...
If the application proxy can be likened to bank cashier and stateful
filtering to a front desk security guard then how about the concept of
CPTED? (crime Prevention through environmental design - for those without a
physSec background)
Where the 'firewall' watches all that happens on the network and reports
when activities are suspicious or new so that the heavies can come in -
otherwords something like RealSecure on Steriods...

Bret
Technical Incursion Countermeasures     Computer Security Consultants
consulting () bwa net                      http://www.bwa.net/
ph: (+61)(08) 9429 8898(UTC+8 hrs)      fax: (+61)(08) 9429 8800

Current thread:

RE: Time for a new FWTK? Stout, William (Nov 26)
- <Possible follow-ups>
- RE: Time for a new FWTK? Bret Watson (Nov 26)
  - RE: Time for a new FWTK? Craig Brozefsky (Nov 27)
    - Re: Time for a new FWTK? Bennett Todd (Nov 28)
    - Re: Time for a new FWTK? Craig Brozefsky (Nov 28)
    - Re: Time for a new FWTK? Marcus J. Ranum (Nov 28)
    - New firewall paradigms, anyone ? Darren Reed (Nov 28)
    - Re: New firewall paradigms, anyone ? Marcus J. Ranum (Nov 28)
    - RE: Time for a new FWTK? Bret Watson (Nov 28)
    - RE: Time for a new FWTK? Marcus J. Ranum (Nov 28)
- Re: Time for a new FWTK? Ellis Luk (Nov 27)
- Re: Time for a new FWTK? Bennett Todd (Nov 28)

(Thread continues...)