Re: [fw-wiz] Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)

On 28/05/06 09:52 -0400, Marcus J. Ranum wrote:
Devdas Bhagat wrote:
Only the Sith deal in absolutes.

OK, so we need to come up with a good "sith name" for me. :)

Darth Sidious, Darth Marcus...

This notion that security is a matter of degree is accurate in the large
but inaccurate in the small. Unfortunately, we're all dealing with the
small.

Not necessarily. This thread is dealing with the options in combining
components. Should we go with a large application in a box, a box with
multiple smaller applications put together by the vendor, or do we go
with multiple boxes, each doing one thing well?

While most of us would automatically say the third, the first offers
features and possible ease of management while the second offers ease of
management and the possibility that everything will work correctly with
minimum hassle.

The original question was about using the first or second option instead
of the third. What we have no clue about is what resources are being
defended, what the value of those resources is, what the time of the
management team for the firewalls costs, what resources are already
deployed....

The answer is 42.

While the answers on this may say "Industry leaders say that we should
use multiple boxes", it does nothing to help answer the question of
actual suitability of the system(s) in question to deliver a desired
level of security.

Devdas Bhagat
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Relevant Pages

  • Re: NASAs vision lost on Web generation
    ... Your great concern for the taxpayers is noted. ... Wasting resources doesn't contribute to the greater good. ... contributed to resourced management. ... the books to make the case for shuttle. ...
    (sci.space.shuttle)
  • Re: VIO Server, and virtual resource provisioning
    ... Management is asking ... Then you make another table with the total resources of each managed ... applied toward a spreadsheet as well. ... $lsdev -type disk ...
    (comp.unix.aix)
  • Re: MS Project lacks basic project management features!
    ... I realize that it does not plan for ordering or replenishment of material resources nor does it do any inventory management of materials nor plan production around material availability. ...
    (microsoft.public.project)
  • Re: Getting Users to USE MS Project
    ... with all the resources for each of them. ... so I had a meeting with management and here's where we are. ... daily basis anyway. ... professional schedulers to do the daily entry and updating of the ...
    (microsoft.public.project)
  • Re: AD group logon script question
    ... the purpose of each OU he was supportive of the design. ... to a specific site, from another site's resources. ... It's coming up with that "well-defined group management methodology" that I ... > membership as required. ...
    (microsoft.public.scripting.vbscript)