RE: DMZ, defined.

["graham, randy" <randy_graham () hq dla mil>]

Well, I was going to let this topic be and hope it died out, but here comes
something that makes me open my mouth again.  And while some have said this
discussion is inappropriate for this list, I can't see why it is.  We are
discussing how we communicate our technology, and if we don't clear this all
up, we can't communicate effectively.

        >From:  Frederick M Avolio [SMTP:fred () avolio com]

        >It is incredible to me that after someone like Steve Bellovin
reminds
        >everyone in a post what a DMZ is, the conversation continues and we
are
        >offered "opinions" from people who admit they are "new to
firewalls."
OK, so we've now established that Steve Bellovin is the firewall world's
equivalent of the french language board.  Apparently he defines the terms we
use.

Sound silly to say that, doesn't it?  That's because we don't have a
language board determining how firewall talk is conducted.  So, Steve may
have told us what the original meaning or intent was (don't remember the
post, and I haven't gone back to look it up yet), he doesn't have the power
to make everyone speak that way.

        >Discussion is useful when people are trying to form a consensus, or
when
        >they are trying to formulate something (such as a definition).
Discussion
        >is really thrashing when we give our opinions about something that
is not
        >open for debate -- in this case the definition of a term that has
been used
        >for 4 or 5 years now.
As I said when I first responded to this thread, all language changes.  I
will agree that something as narrow as one term should be relatively easy to
nail down a definition on, but my exposure to others in the firewall
community indicates this is not the case.  Sure, I am inexperienced in this
field.  But I'm not trying to define the term - I just use C&Z for anything
I need to know, and if I am told I am saying something incorrectly, I will
fall back to my good old O'Reilly book to straighten myself out.  On the
other hand, since I am trying to get into this, I associate with others I
know that do work with firewalls and/or computer security.  Some of them
don't have quite the focused definition of some firewall terms (especially
DMZ) that some on this list have.  Are they wrong?  I don't know.  Instead
of trying to figure out who's right or who's wrong, I try to figure out what
they mean and communicate with them using their understood terminology.  And
yes, I am talking about people with experience - not total rookies like
myself.

        >Terms, to be useful, have meanings. While meanings do not have to
be
        >universal, they should be bounded be *something*. A technology
area, for
        >example. So, "firewall" can mean one thing in home building and
another
        >thing in network security. But if it has "personal" meanings to
        >individuals, then it ceases to be a useful word.
Well, I'm not talking about an individual with his/her own idea of what a
DMZ is.  I am talking about several people I've worked with, seemingly
experience in the field, who seem to share a common definition of the term
that differs from what the authorities here have declared is the correct and
proper usage of the term DMZ.  I don't know if this fits with your bounding
concept, but maybe that's what you mean?  After all, it is bound by a group
association.

        >DMZ is a defined term. It is not a matter of opinion. One can say
that
        >because it is defined, it is not something one can hold an opinion
on. (I
        >know that don't teach absolute truths in university today, but
there you
        >have it.) Read smb's post or the papers to *know* what a DMZ is.
Firewall
        >is also a well defined term.
Ever check out the Oxford English Dictionary?  Some of the words take 3 or 4
pages because the OED tracks the meaning of words over time.  What I've said
before, and what I am offering here, is that even though this is a young
field, already the vocabulary may be changing.  Sure, this may be the result
of rookies coming in and redefining a word simply by sheer numbers.  But
even if the veterans disagree, my guess is if they don't accept the change,
they will soon be pushed out by the younger crowd (like it or not, our
industry as a whole favors the young) simply because they wouldn't adapt to
what is happening.

I don't pretend to be able to define what terms others can use.  As I've
pointed out before, I am __WAY__ to inexperienced to have any sway.
However, I recognize the need to learn from others.  And when those others
use a word or phrase differently from how I expect it to be used, I try to
learn what they mean and make sure I do my best to communicate with them
using their terminology.  I have seen posts from others on this list who
come across as having the attitude of "You use different definitions than I
do, therefore you do not know what you are talking about - I will ignore
you."  These are the people I fear will go from being viewed as veterans and
experts of the field to being viewed as dinosaurs who just need to go away.
Far more important than being right is advancing everyone's potential, I
think, and that can be helped in large part by working no the langauge and
accepting that things may need to change to keep everyone on the same page.

        >Fred
        >Avolio Consulting
        >16228 Frederick Road, PO Box 609, Lisbon, MD 21765
        >410-309-6910 (voice)           410-309-6911 (fax)
        >http://www.avolio.com

Randy Graham

p.s. Apologies for not responding until Tuesday to a message sent on a
Friday (at least according to the message headers).  I just got the email
last night.