nanog mailing list archives

RE: I don't need no stinking firewall!

From: "George Bonser" <gbonser () seven com>
Date: Sun, 10 Jan 2010 17:40:01 -0800

I certainly understand and agree with your position, in most cases,

but

there are some instances when a firewall serves an excellent purpose.
As an
example, we manage hundreds of heterogeneous servers where customers
also
have administrative access to the devices.  As such, we can never be
sure
they haven't changed something that can negatively impact the security
of
the server or servers.


Firewalls do have a purpose and I don't think anyone disputes that.  I
certainly have firewalls in my network.  What I believe the argument
here is about is which kinds of traffic does one use a firewall for and
which kinds of traffic are best left to other devices to handle access
control/management.

And I don't believe anyone is necessarily advocating exposing individual
servers directly to the internet either.  There are other devices that
can handle isolation of the servers and protect them against such things
as syn floods.

Current thread:

Re: I don't need no stinking firewall!, (continued)
- - - Re: I don't need no stinking firewall! Dobbins, Roland (Jan 08)
    - Re: I don't need no stinking firewall! Joel Jaeggli (Jan 08)
    - Re: I don't need no stinking firewall! Dobbins, Roland (Jan 08)
    - Re: I don't need no stinking firewall! Joel Jaeggli (Jan 08)
    - Re: I don't need no stinking firewall! harbor235 (Jan 09)
    - Re: I don't need no stinking firewall! Dobbins, Roland (Jan 09)
    - Re: I don't need no stinking firewall! harbor235 (Jan 09)
    - Re: I don't need no stinking firewall! Dobbins, Roland (Jan 09)
    - Re: I don't need no stinking firewall! Dobbins, Roland (Jan 09)
    - Re: I don't need no stinking firewall! Michael K. Smith (Jan 10)
    - RE: I don't need no stinking firewall! George Bonser (Jan 10)
    - Re: I don't need no stinking firewall! Randy Bush (Jan 10)
    - Re: I don't need no stinking firewall! Brian Keefer (Jan 10)
    - RE: I don't need no stinking firewall! George Bonser (Jan 10)
    - Re: I don't need no stinking firewall! Dobbins, Roland (Jan 10)
    - RE: I don't need no stinking firewall! George Bonser (Jan 10)
    - Re: I don't need no stinking firewall! Warren Kumari (Jan 13)
    - Re: I don't need no stinking firewall! Dobbins, Roland (Jan 13)
    - Re: I don't need no stinking firewall! Bill Stewart (Jan 14)
    - Re: I don't need no stinking firewall! Joe Maimon (Jan 14)
    - Re: I don't need no stinking firewall! Valdis . Kletnieks (Jan 08)

(Thread continues...)