1999-05-28-08:52:35 [EMAIL PROTECTED]:
> [...] Nonetheless, I still feel that constructive advice is missing. At the
> end of the day, what's the original poster to do? Tell the department that
> wants to access DCOM to get lost? Or chuck the firewall? Or both?
Better still, avoid such extremes altogether; instead, pursue an analysis of
what risks the protocol and apps bring with them, whether and if so how they
can be controlled, along with what benefits they'd bring the organization, and
come to a considered, measured judgement as to the wisest course to take. May
end up being tossing the protocol. May end up being tossing the firewall. May
end up being an encrypted tunnel from the users' desktops to a sacrificial
machine in the DMZ, on which the client app is run. And whatever it is, if the
_reason_ for the decision is carefully described, along with the procedure
that was used to reach it (and hence the procedure that will have to be used
to revise it), then the security policy gains authority, whereas if the policy
just snaps to an unconsidered extreme conclusion it will lose authority.
And as long as all the reasoning is captured, the bulk of the document remains
valuable even when changing tools and facilities produce a new, better answer
to the question "what's to be done with this protocol". E.g. people find a way
to cross-breed IPsec with PKI, and then foster some kind o' relation between
that and the access controls and type enforcement and whatnot of multilevel
secure OS technology, and all of a sudden you can turn off the firewall, and
implement the policies and restrictions it needed to enforce in a flexible,
distributed fashion --- users can run whatever putrid apps they want on their
desktops, but if the apps use un-blessed protocols they automatically get
locked in a sandbox right there in the user's workstation, and the shape of
the sandbox reflects the security sensitivity of the other resources on or
available to that machine, dynamically.
The answers are gonna be changing all the time, far faster than the questions;
you've gotta show all your work on the test to get the points.
-Bennett
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
