Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The Death Of A Firewall

From: sai <sonicsai () gmail com>
Date: Tue, 1 Nov 2005 13:31:46 +0500
It sounds way too complex..he still has the network, its just in a
virtual OS, but now he has the added layer of the virtual OS.

sai

On 10/26/05, Julian M D <julianmd () gmail com> wrote:

So basically he's saying that he's safer now because of the "DMZ" created
by
the L3 Switches???? with 3 layers of application servers running in VIRTUAL
OS's????
 I'd say the safest method is the one that best suits your needs, not only
from the security point of view, but TCO, ROI, manageability...etc.
 What I agree on is the fact that, security must be covered from
INSIDE-OUT.
  Julian Dragut
Secure the LAN first
    On 10/17/05, Pedski <pedski () optonline net> wrote:


James Paterson wrote:


http://www.securitypipeline.com/165700439

Be interesting to get the communities take on this article.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards




This is a model that has holes...
router acl are not statefull.
they seem to have some secutiy by means of DMZ
the managemnt overhead of this is high..sometimes is not that easy
deploying patches if the vulnerabilty came in the night...meaning if you
are blocking everything with a firewall you bought yourself some
time....in this case they are open ...the term raise their immunity to
exists in hashers condition sounds really nice...but often attacks or
worms come like a thief in the night......

there is something flawed with this architecture.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards





_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: