Firewall Wizards mailing list archives
Firewall Management
From: "Safier, Adam (GEIS)" <Adam.Safier () geis ge com>
Date: Thu, 18 Sep 1997 15:42:25 -0400
OK, let me kick off potential discussion on this list by asking: how are people managing remote firewalls in LARGE distributed networks? Say 100 firewalls minimum on 35 networks with several layers of firewalled subnets/extranets with slight variations in policy. After installing the box and turning on the power I'm interested in:

- Centralized management of policy (policy should not change frequently).
- Local control of authorization for individual users (you and your boss know what you need to access for your job).
- An option for central control of individual authorization or cross-realm authorization.
- Central control of degrees of authorization (authorize the authorizers to selected systems).
- Centralized activity reports, alarm handling, other log analysis. AI-based intrusion detection would be real nice.
- Log archiving.
- Attack reaction tools: at the touch of a button the system notifies CERT, archives relevant logs, tries to trace to the attack source (CARS*), shuts down access to compromised systems and makes me a cup of hot chocolate.

Add your favorite requirements here...

How many people do you need to manage a real-life network with 100 firewalls? 1000 firewalls? What part of 1000 firewalls can be managed centrally and what must be managed locally?

Next year I will try to answer my own questions.

Adam

* CARS - "Cooperative Attack Reaction Systems". Would system managers be willing to run a daemon that, on a request from a "trusted partner", would trace the account and source of a connection? Trusted partners would trade keys to keep access to the application secure. If my system is attacked from your system, I send you a CARS request to track the origin of the attack within your system. You come up with account info plus whether this session is really being run over a link. If it's coming in over a link, you pass a CARS request down the link.

Within seconds the attack is traced through 73 hops, 4 satellites and across 7 continents to the attacker's home system, and the police are notified. They trust CARS totally and turn on their null-Green Ray, which causes the video display to emit in one burst all the green PC energy it saved over years of being left on overnight. My attacker is fried!

It's strictly imagination-ware at this time. Anyone out there with some spare development change?

---------------
Adam Safier, Network Engineer/Security Consultant
GE Information Services, Inc.
401 North Washington St., Rockville, Md. 20850
Ph: 301-340-5737 Internal: 8*273-5737 Fax: 301-340-4005
Adam.Safier () geis ge com
http://www.geis.com
I'm proud to live in a country where I can express my personal opinions. The opinions above may not be shared by my employer.
---------------
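The CARS exchange sketched in the post, as an added illustration that is not the poster's code or any real system: a toy trace-back across three constructed hosts, where each hop verifies an HMAC made with the requesting partner's shared key before revealing the account behind a session and, if that session was relayed over a link, forwards the request down the link. The host names, shared keys, session table and message format are all assumptions.

```python
import hmac
import hashlib

# Constructed trust relationships: partners that have traded a shared key.
KEYS = {("victim", "hostA"): b"k-victim-A", ("hostA", "hostB"): b"k-A-B"}

# Constructed session tables: host -> {(local_host, local_port): session}.
# "via_link" names the upstream socket when the session is relayed from elsewhere.
SESSIONS = {
    "hostA": {("hostA", 40001): {"account": "bob", "via_link": ("hostB", 50002)}},
    "hostB": {("hostB", 50002): {"account": "mallory", "via_link": None}},
}

def shared_key(a, b):
    return KEYS.get((a, b)) or KEYS.get((b, a))

def sign(key, requester, client):
    # Authenticate who is asking and which connection they are asking about.
    msg = f"{requester}|{client[0]}|{client[1]}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def cars_request(requester, target, client, tag, trace):
    """Handle one CARS hop at `target`: verify the partner's tag, look up the
    session, report its account, and recurse down the link if it was relayed."""
    key = shared_key(requester, target)
    if key is None or not hmac.compare_digest(tag, sign(key, requester, client)):
        return trace + [(target, "refused: untrusted or bad signature")]
    session = SESSIONS.get(target, {}).get(client)
    if session is None:
        return trace + [(target, "no matching session")]
    trace = trace + [(target, session["account"])]
    link = session["via_link"]
    if link is None:
        return trace  # origin reached
    # Relayed session: this host becomes the requester toward the next hop.
    nxt_key = shared_key(target, link[0])
    if nxt_key is None:
        return trace + [(link[0], "refused: no trust relationship")]
    return cars_request(target, link[0], link, sign(nxt_key, target, link), trace)

def trace_attack(victim, first_hop, client):
    key = shared_key(victim, first_hop)
    if key is None:
        return [(first_hop, "refused: no trust relationship")]
    return cars_request(victim, first_hop, client, sign(key, victim, client), [])
```

Each hop only answers partners it holds a key for, so a forged request from an untrusted host is refused rather than leaking account information.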