RE: [fw-wiz] FW appliance comparison - Seeking input for the forum

• From: Cat Okita <cat@xxxxxxxxxxxx>
• Date: Thu, 19 Jan 2006 15:28:31 -0500 (EST)

I immediately trained in on 'actively developing.'  Which means that 5 years
after AD became widely used, there's still not a good proxy for it yet.  It
shouldn't be rocket science since it's kerberos, LDAP, NetBIOS, RPC, and
COM.  It also shouldn't have to come from a third party vendor.  But I
digress.

... and I'll digress a bit further.  AD may be 'just' kerberos, LDAP,
NetBIOS, RPC and COM - but if you've ever spent any time doing integration
work with AD, it becomes quickly apparent that the combination is by
no means simple or straightforward.

Right, but policy is equally useless without mechanisms capable of enforcing
it.  And while there are vendors out there that write security proxies for
specific applications and protocols, the products that are out there still
only support a tiny fraction of the protocols present on the average
corporate network.

Not to discount the power of application proxies, but they're far from a
single solution.

I think everybody on this list would agree that there's no single solution,
but that incremental improvements are far better than waiting for the
ultimate solution.

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• References:
  • RE: [fw-wiz] FW appliance comparison - Seeking input for the forum
    • From: Paul Melson

• Prev by Date: [fw-wiz] Re: PIX v7: routing without NAT
• Next by Date: Re: [fw-wiz] FW appliance comparison - Seeking input for the forum
• Previous by thread: RE: [fw-wiz] FW appliance comparison - Seeking input for the forum
• Next by thread: RE: [fw-wiz] FW appliance comparison - Seeking input for the forum
• Index(es):
  • Date
  • Thread

Relevant Pages RE: [fw-wiz] Worms, Air Gaps and Responsibility ... > are involved in Kerberos communications? ... "A cat spends her life conflicted between a deep, passionate and profound ... desire for fish and an equally deep, passionate and profound desire to ... (Firewall-Wizards) Re: [fw-wiz] suggestions for anitvirus in gateway ... AV vendor should be active. ... >"A cat spends her life conflicted between a deep, passionate and profound ... >desire for fish and an equally deep, passionate and profound desire to ... (Firewall-Wizards) Re: Product review postings - Suggested Solution ... > When product reviews are sent to the list regardless of the source I can ... "A cat spends her life conflicted between a deep, passionate and profound ... desire for fish and an equally deep, passionate and profound desire to ... (Pen-Test) Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name ... is different from another organization paid to provide trust. ... "A cat spends her life conflicted between a deep, passionate and profound ... desire for fish and an equally deep, passionate and profound desire to ... (Bugtraq) Security through Obscurity [was RE: [fw-wiz] Using RDP Port 3389] ... Speaking of security through obscurity, ... "A cat spends her life conflicted between a deep, passionate and profound ... desire for fish and an equally deep, passionate and profound desire to ... (Firewall-Wizards)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint