Firewall Wizards mailing list archives
Re: Facts, not Fiction
From: Chris Brenton <cbrenton () sover net>
Date: Thu, 13 Nov 1997 11:12:01 -0500
Andreas Siegert wrote:
-----Forwarded message from Hartmut.Fehling () Hamburg-Mannheimer de----- How far DO YOU (all of you out there) trust the current products to do what they are supposed to do?
Unless the customer is on an extreme low budget, I alway use a multistage design. Anything else would be irresponsible in my opinion. afx
I guess I have a bit of a problem with blanket statements like this one. It insinuates that there is a "one size fits all" solution to protecting a network which is clearly not the case. A risk analysis should be performed in order to determine what level of security is actually required. Let me throw out a few examples: Case 1: A pure Mac shop with an ISDN connection to the Internet. There are no internal IP services. Users connect through the ISDN connection in order to access POP mail from an ISP and browse the web. Case 2: A national bank running the latest UNISYS system with integrated NT server. System access is via IP. The bank has a T1 connection to the Internet and wishes to allow customers to administrate their bank accounts via the Internet. While these two cases are a bit extreme, it's clear that they do not require the same level of security. A multistage design for case 1 would probably be overkill. Again, this is all IMO. Insisting that a multistage design is always required so long as the customer can afford it, rings too much like a sales person who knows what they want to sell you before they even know what you need. Cheers, Chris ****************** cbrenton () sover net http://www.amazon.com/exec/obidos/ISBN=0782120822/9715-9242453-752818 Nothing is fool-proof to a sufficiently talented fool.
Current thread:
- Facts, not Fiction Hartmut . Fehling (Nov 07)
- Re: Facts, not Fiction Marcus J. Ranum (Nov 07)
- Re: Facts, not Fiction Darren Reed (Nov 08)
- Re: Facts, not Fiction Bennett Todd (Nov 10)
- <Possible follow-ups>
- Facts, not Fiction Andreas Siegert (Nov 12)
- Re: Facts, not Fiction Chris Brenton (Nov 13)
- Re: Facts, not Fiction Bennett Todd (Nov 14)
- Re: Facts, not Fiction Chris Brenton (Nov 14)
- Re: Facts, not Fiction chuck yerkes (Nov 14)
- Re: Facts, not Fiction Chris Brenton (Nov 15)
- Re: Facts, not Fiction Chris Brenton (Nov 13)
- Re: Facts, not Fiction Andreas Siegert (Nov 24)
- Re: Facts, not Fiction Marcus J. Ranum (Nov 07)