Re[2]: [fw-wiz] Worms, Air Gaps and Responsibility

From: Eric Maiwald (emaiwald_at_fred.net)
Date: 05/07/04

    To: firewall-wizards@honor.icsalabs.com
    Date: Fri, 7 May 2004 11:24:03 -0400 (EDT)
    
    

    On Fri, 7 May 2004, Marcus J. Ranum wrote:
    > Well, the Cisco self-protecting network stuff is basically that concept. The
    > idea is to partner with A/V vendors and have a plug-in to the A/V software
    > that interfaces with firewalls and switches to make sure the portable
    > machine is "up to scratch" - I think the concept is good but fairly primitive.
    > If it works, though, there's all kinds of potential for interesting horizontal
    > integration (e.g.: "call H.R. and decide if this guy is still an employee..")
    > That was all announced in November; I don't know how vaporous it is.

    Zone Labs had something like this that they were working on as well.
    Aventail had (still has maybe?) a consortium called EdgeSec that
    was supposed to address this concept. I don't know how far that went.
    Their concept was not limited only to AV but also to desktop firewall
    (version and policy) and VPN.

    I believe that the VPN was to be the mechanism to convey the information
    to the server. The server would then make a determination about how
    much connectivity the client would receive. It might be full connectivity,
    or some type of quarantine so that the client could be updated.

    Eric

    ---------------------------------------------------------------------
    Eric Maiwald                          So Many Hobbies,
    emaiwald@fred.net                     So little time

    "A compromise which results in a half-step toward evil is all wrong."
                  --Theodore Roosevelt
    ---------------------------------------------------------------------
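
The admission decision described in the message above (the client reports its AV, desktop firewall and policy state, and the server grants full connectivity or quarantine), sketched as an added example that is not part of the original post or of any vendor's product. The report field names, baseline values and sample reports are assumptions constructed for illustration.

```python
from datetime import date

# Hypothetical server-side baseline; every value is constructed for illustration.
BASELINE = {
    "av_max_sig_age_days": 7,
    "fw_min_version": (4, 5, 0),
    "fw_policy_id": "corp-2004-05",
}

def parse_version(text):
    """'4.10' -> (4, 10, 0): compare numerically, since as strings '4.10' < '4.5'."""
    parts = [int(p) for p in text.split(".")]
    return tuple((parts + [0, 0, 0])[:3])

def evaluate_posture(report, today, baseline=BASELINE):
    """Return (decision, reasons). A missing or malformed field fails closed."""
    reasons = []
    try:
        sig_age = (today - date.fromisoformat(report["av_sig_date"])).days
        if sig_age < 0:
            reasons.append("av_signature_date_invalid")  # date in the future
        elif sig_age > baseline["av_max_sig_age_days"]:
            reasons.append("av_signatures_out_of_date")
    except (KeyError, TypeError, ValueError):
        reasons.append("av_status_missing")
    try:
        if parse_version(report["fw_version"]) < baseline["fw_min_version"]:
            reasons.append("firewall_version_too_old")
    except (KeyError, TypeError, ValueError, AttributeError):
        reasons.append("firewall_version_missing")
    if report.get("fw_policy_id") != baseline["fw_policy_id"]:
        reasons.append("firewall_policy_mismatch")
    # The reasons double as the update list for a quarantined client.
    return ("full" if not reasons else "quarantine"), reasons

if __name__ == "__main__":
    today = date(2004, 5, 7)
    # Constructed client reports, as they might arrive over the VPN channel.
    samples = [
        {"av_sig_date": "2004-05-05", "fw_version": "4.10.0",
         "fw_policy_id": "corp-2004-05"},
        {"av_sig_date": "2004-03-01", "fw_version": "4.2",
         "fw_policy_id": "corp-2004-05"},
        {},  # client that reports nothing
    ]
    for s in samples:
        print(evaluate_posture(s, today))
```
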
