RE: Distributed Firewall
From: David Gillett (gillettdavid@fhda.edu)
Date: 04/23/03
- Previous message: Stephen Wilcox: "cable providers"
- In reply to: Kendric: "Distributed Firewall"
- Next in thread: Kendric: "Re: Distributed Firewall"
- Reply: Kendric: "Re: Distributed Firewall"
- Reply: Hannes Tschofenig: "Re: Distributed Firewall"
- Reply: A Packard (Bugtraq): "RE: Distributed Firewall"
- Reply: Ken Kousky: "RE: Distributed Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "David Gillett" <gillettdavid@fhda.edu> To: "'Kendric'" <Kendric@hotpop.com>, <security-basics@lists.securityfocus.com> Date: Wed, 23 Apr 2003 10:10:34 -0700
> -----Original Message-----
> From: Kendric [mailto:Kendric@hotpop.com]
>
> Hi, just wondering if any of you guys heard of this concept
> of distributed
> firewall? I have done some research on it and found it to be quite a
> wonderful concept into bringing the firewall platform to each
> client/server
> end with a central management policy. In other words, it is
> like having a
> personal firewall on each individual machine, but centrally
> managed by a
> remote management console. In this way, we will not have to
> put any trust
> even on the machines on the intranet. Any comments?
I think the idea probably has some merit as part of a "defence
in depth" approach.
But I don't think it's sufficient on its own, because the
resources that need to be protected do not exist just on the
individual machines. The network which connects them -- upon
which this approach DEPENDS rather heavily! -- lies outside
the boundary of what can be protected this way.
A network which includes both gateway firewalls and individual
host security is going to be a harder nut to crack than a network
that relies on only one or the other approach. And centralised
administration of individual-host firewalls is an idea whose time
is surely here.
David Gillett
---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts. The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches. Deadline for the best rates is April 25. Register today to
ensure your place. http://www.securityfocus.com/BlackHat-security-basics
----------------------------------------------------------------------------
- Previous message: Stephen Wilcox: "cable providers"
- In reply to: Kendric: "Distributed Firewall"
- Next in thread: Kendric: "Re: Distributed Firewall"
- Reply: Kendric: "Re: Distributed Firewall"
- Reply: Hannes Tschofenig: "Re: Distributed Firewall"
- Reply: A Packard (Bugtraq): "RE: Distributed Firewall"
- Reply: Ken Kousky: "RE: Distributed Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
