Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Access Control, Authentication, and Perimeter Security

From: Smith Gary-GSMITH1 <Gary.R.Smith () motorola com>
Date: Wed, 21 Mar 2001 13:54:39 -0600

I received an email recently from eWEEK magazine that they were having an
eSeminar on "Securely Managing Business." Within the mail was a list of
things attendees would learn. One item that particularly caught my eye was
[sic]

        * How access control and authentication can (and must) supersede
        perimeter security designs

This seems extremely daft-brained to me. Access control and authentication
ARE part of perimeter security. Getting around perimeter security for access
control and authentication sounds like building The Great Wall of China and
putting in revolving doors as an afterthought. Or a direct connection
between a DMZ and the internal company net.

Thnking about this sort of thing from the standpoint of the physical
security of a building or campus, the perimeter is the first line of defense
from intruders. Employees must pass by a security guard and do some form of
authenitcation thru a device. At the delivery gates, there are multiple
cameras watching. For a truck to make a delivery, the driver speaks into a
microphone stating his purpose, to whom he reports, and where all the time
under scrutiny of CCTV. The authentication and access control are integrated
into the perimeter defense as one of the rings of security.

Are there circumstances where access control and authentication should take
precedence over perimeter defenses?

Regards,       ------- __o
               ----- _`\<,_
               ---- (*)/ (*)
Gary Smith
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: