Re: Killing Napster and beyond...

[Brad Van Orden <Brad.VanOrden () navius com>]

Vern Paxson wrote:
> > Firewalls are to protect you from those Bozos that are not under your control.
>
> Some of these are your own bozos [tm].  I.e., you don't want to trust
> your internal users to keep their machines secure, run only particular
> services, etc.  (Or to stick with your use policies.)
>
> My point being that I think the "technology can't solve social problems"
> mantra, while very catchy, is misleading.  There's a whole subset of social
> problems that technology can indeed help with / solve.  One piece of this
> is user education.  For example, blocking your users' access to certain
> sites, while circumventable if they want to put enough effort into it,
> reminds them that such access violates your policies.  This can help a
> whole lot in a large site over which you don't have much direct control.
>
>                 Vern

I don't disagree, I am just trying to point out that sometimes the people
we have to educate are the managers.  That is, yes we can block some ports
on the firewall, but that is not a guarantee that an internal user won't
find a way around it.  The manager needs to understand that it is his job
to control the activities of his people and that he just can't tell the
firewall manager to block some ports and think that is the end of it.  The
manager needs to spend some time educating his people about what is
acceptable use of Internet access and what isn't.

Regards,

Brad Van Orden
Navius Technologies

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards