On Mon, Dec 28, 1998 at 11:38:05AM -0500, Tom Neff wrote:
| > The score for security is about 1/3 of the total score. I submit that
| > someone hasn't thought through the function of a firewall.
|
| I agree that security shouldn't be "weighted" in a mix with unrelated factors.
| But I do think that completeness of security is a legitimate factor in the
| buying decision, since the project being protected may have a
| limited budget -- and a manageable downside in case of sustained attack.
|
| I also think that ease of use is important, because a difficult interface
| increases the likelihood that important components in a theoretically high
| security rating will be misconfigured or go unused, thus lowering the overall
| security of the system.
Its worth noting that the firewall that introduced ease of use as a
selling factor has been criticized for the ease with which minor
misconfigurations happen, and the poor use of things like "fw-1
essential services,' keywords such as mail causing unexpected
interactions, etc. One might question if ease of use is actually
useful without more sanity checks built in.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
