Firewall Wizards mailing list archives
Re: The Death Of A Firewall
From: Victor Williams <vbwilliams () neb rr com>
Date: Tue, 19 Jul 2005 08:56:14 -0500
I think it's misleading.The article is titled "The Death Of A Firewall". Yet, in the fourth paragraph, "By defining simple ACLs, we further isolate our backend servers."
The word *firewall* is just another way to say ACL. But firewall has somehow morphed into this word meaning that some *hardware device* needs to be sitting between us and cruel world.
They should have titled the article "The Death of the single-function hardware firewall appliance". Even so, I thought the content was pretty worthless. Any administrator worth their salt knows that the firewall is only a step in the total security of a solution. What the article described is something that people have already been doing when building new application networks. Until very recently, you couldn't do any *stateful* ACLs with as many OS'es or network devices. Now that has changed for the better I believe.
The firewall as the be-all/end-all appliance has been dead for years. Why did we need someone to write an article that basically described best-practices like it's some revelation?
James Paterson wrote:
http://www.securitypipeline.com/165700439 Be interesting to get the communities take on this article. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- The Death Of A Firewall James Paterson (Jul 18)
- Message not available
- Re: The Death Of A Firewall Marcus J. Ranum (Jul 21)
- Message not available
- Re: The Death Of A Firewall Kerry Thompson (Jul 21)
- Re: The Death Of A Firewall Martin Hoz (Jul 21)
- Re: The Death Of A Firewall Christine Kronberg (Jul 21)
- Re: The Death Of A Firewall Devdas Bhagat (Jul 21)
- Re: The Death Of A Firewall Victor Williams (Jul 21)
- Re: The Death Of A Firewall Josh Welch (Jul 21)
- Re: The Death Of A Firewall Kevin (Jul 21)
- <Possible follow-ups>
- RE: The Death Of A Firewall bill.price (Jul 21)