Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Defense in Depth to the Desktop

From: Rogan Dawes <discard () dawes za net>
Date: Mon, 06 Dec 2004 10:24:19 +0100
Chris Pugrud wrote:

Defense in Depth to the Desktop
the Strong Internal Network Defense model



[ snip excellent analysis ]


Questions? (aka, what have I missed?)
I've been trying to come up with some way of firewalling individual clients (i.e. at a switch level), by defining a policy of who is allowed to connect to what, at a very granular level. Your analysis kind of short-cuts that whole approach, by taking a much less granular approach to things. I think it could be very effective. I particularly like the way of segregating servers based on their need to initiate connections to clients or not. 

Good stuff! I look forward to seeing more discussion on this list.


Chris


Rogan
--
Rogan Dawes

*ALL* messages to discard () dawes za net will be dropped, and added
to my blacklist. Please respond to "lists AT dawes DOT za DOT net"
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: