Re: [fw-wiz] Proxies, opensource and the general market: what's wrong with us?



On 2011-04-26 09:25, Tracy Reed wrote:
Yes. Here we have a problem somewhat like the classical meaning of "hacker" vs
the common meaning of "hacker". And this firewall vs packet filter debate may
not even have that much legitimacy. I can find a number of people who still
subscribe to the classical idea of a hacker but a few of the denizens of this
mailing list are the only ones I know of who insist on issuing a correction
when someone calls a packet filter a firewall. It just seems like pointless
snobbery.

But it is not. Network perimeter defence is an industry seriously hit by marketing bullshit from some vendors, who could not come out with a decent firewall, so redefined the term to be applicable to their products.
Doing this they came out with a definition which goes against basic security principles and empties the meaning of the word to the extent which makes nearly pointless to have "firewalls".
This led to a state of affairs where there is practically no discussion about a lot of important questions of network perimeter defense, because the majority of the "firewall" people are kept in a darkness about the issue to the extent that they do not have the background even to ask the right questions.
This means that even though those same vendors now would be in the position to implement actually meaningful features, they do not do it because they have conditioned their consumers to not think about such things.

When you see someone trying to correct this "firewall = packet filter" nonsense, you actually see a vain attempt to correct these mistakes. Because the first step is to meaningfully discuss something is to have meaningful definitions.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards