Re: [fw-wiz] tunnel vs open a hole

From: Magosányi Árpád (
Date: 04/11/03

  • Next message: Gary Flynn: "Re: [fw-wiz] tunnel vs open a hole"
    To: George Capehart <>
    From: (Magosányi Árpád)
    Date: Fri, 11 Apr 2003 06:11:32 +0000

    A levelezőm azt hiszi, hogy George Capehart a következőeket írta:
    > professionals. There *does* exist a well-defined IT governance model:
    > see There is also a model for
    > accountability that I personally like (but at which everyone would like
    > to duck and run for cover) . . . see
    > (the certification and

    My favourite mania recently!

    Add BS7799-2:2002 (not to be confused with ISO17799, which is a crap), and you have the whole
    IT security covered. Just realize that which methodology is the best for
    which area (CC: technical controls and requirements, Cobit: processes,
    roles, and responsibilities, BS7799-2: process control modell) and
    understand that IT security is a continually enhancing and changing process
    which should be handled in an integrated way with other process control
    modells: ISO900x, IT strategy, etc.
    All of these methodologies (maybe with the exception of CC) try to cover
    all areas of security, but they all have _one_ area where they are
    useable. And of course a methodology is just a methodology. To make
    it useful, you have to use your brain and common sense.

    GNU GPL: csak tiszta forrásból
    firewall-wizards mailing list

  • Next message: Gary Flynn: "Re: [fw-wiz] tunnel vs open a hole"