Firewall Wizards mailing list archives
Re: Forrester Research foresees death of firewalls
From: Joseph S D Yao <jsdy () cospo osis gov>
Date: Mon, 21 Jun 1999 11:33:39 -0400 (EDT)
OK, forgive my daftness, but why would an e-commerce site need to have "easy access to corporate systems"? I would think that e-commerce systems would be fairly self contained and could all be placed in front of the firewall or in the DMZ. I would think that most of the commerce related systems (web server, inventory, payment and order systems, etc.) of big e-commerce sites like amazon.com would be this way and the rest of the systems (corporate, accounting, IT, what have you) would be well protected behind a firewall or two.
They probably still don't teach Ec or Business [real business vs typing and using word processors] in high schools. I avoided such classes in college, myself; but was tricked into one because it was labelled "Software Engineering". Most instructive. ;-) Selling does not occur in a vacuum. The output has to go to Production, Delivery, Inventory, Manufacturing, even [perhaps driven by] Marketing; and then [most importantly] Billing and Accounts Payable. All of these are INTERNAL corporate functions, and are mostly integral parts of the Corporate Accounting system. The trick is to loosely couple the inside and outside, rather than tightly couple them; but still be able to reliably authenticate purchasers. If your outside [e-commerce] is tightly coupled to the inside, then anyone who subverts the web site has your entire operation by its most sensitive parts. If it is loosely coupled, then where is your authentication database? How can you verify that what's coming in is REALLY what the customer ordered? How can you verify that it was really your customer? These are hard but not intractable problems. Some prefer the easy answers [that ignore such questions]. -- Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao COSPO/OSIS Computer Support EMT-B ----------------------------------------------------------------------- This message is not an official statement of COSPO policies.
Current thread:
- Forrester Research foresees death of firewalls SMITH, Michael @Ottawa (Jun 15)
- Re: Forrester Research foresees death of firewalls Rama Kant (Jun 15)
- Re: Forrester Research foresees death of firewalls Rick Smith (Jun 16)
- Re: Forrester Research foresees death of firewalls Technical Incursion Countermeasures (Jun 16)
- Re: Forrester Research foresees death of firewalls Tim Kramer (Jun 16)
- Re: Forrester Research foresees death of firewalls Adam Shostack (Jun 20)
- Re: Forrester Research foresees death of firewalls David LeBlanc (Jun 20)
- Re: Forrester Research foresees death of firewalls Adam Shostack (Jun 21)
- Re: Forrester Research foresees death of firewalls David LeBlanc (Jun 20)
- Re: Forrester Research foresees death of firewalls Kevin T. Shivers (Jun 20)
- Re: Forrester Research foresees death of firewalls Paul D. Robertson (Jun 20)
- Re: Forrester Research foresees death of firewalls Joseph S D Yao (Jun 21)
- <Possible follow-ups>
- RE: Forrester Research foresees death of firewalls sean . kelly (Jun 16)
- Re: Forrester Research foresees death of firewalls Robert Graham (Jun 20)
- Re: Forrester Research foresees death of firewalls Bennett Todd (Jun 21)
- Re: Forrester Research foresees death of firewalls David LeBlanc (Jun 21)
- Re: Forrester Research foresees death of firewalls Bennett Todd (Jun 21)
- RE: Forrester Research foresees death of firewalls sean . kelly (Jun 20)
- RE: Forrester Research foresees death of firewalls sean . kelly (Jun 21)
- RE: Forrester Research foresees death of firewalls Doug Hughes (Jun 22)
- Re: Forrester Research foresees death of firewalls Stephen P. Berry (Jun 22)
- RE: Forrester Research foresees death of firewalls Doug Hughes (Jun 22)
- FW: Forrester Research foresees death of firewalls Harvey Nusz (Jun 21)
- Re: FW: Forrester Research foresees death of firewalls Darren Reed (Jun 22)
(Thread continues...)
- Re: Forrester Research foresees death of firewalls Rama Kant (Jun 15)