Firewall Wizards mailing list archives

Re: Too Paranoid?


From: Dave Piscitello <dave () corecom com>
Date: Sun, 29 Sep 2002 20:45:45 -0400

Brief postscript to my earlier mail, partly in response to Fred.
And Fred's right that "should" was a keyword...

Most vendors, even many security vendors, don't appreciate the full picture in even the smallest of real world deployments. But I failed to mention that in the scenario I mentioned where the SCO box was "wide open", we audited the system, listed our concerns, and gave them not to the engineers and ops folks, but the sales person.

It was *his* BMW on the line, in return for *our* security peace of mind.

Your sales rep can often be your champion in your vendor's shop. In this case, we asked them to make what I'd consider reasonable efforts to harden the SCO box, and we came to agreement on a configuration that would minimize fallout should their box be compromised. Wasn't perfect, but it was far better than the "accept as is" configuration.

At 08:10 PM 9/29/2002 -0400, Frederick M Avolio wrote:
Most reputable vendors behave just as this one does. They are certain it is Not So Bad. And in their mind, it is not. Because all they know is firewalls make things secure and it can work with the firewall in place, as long as you poke a hole or two through it.


David M. Piscitello
Core Competence, Inc. &
3 Myrtle Bank Lane
Hilton Head, SC 29926
dave () corecom com
843.689.5595
www.corecom.com


