On Thu, 27 May 1999 07:19:16 -0400, Frederick M Avolio <[EMAIL PROTECTED]>
wrote:
>There is more discussion about a firewall vendor's dropping support of an
>operating system than there is about whether they do things as securely as
>they could.
Ok, I'll bite, being one of the people on the Gauntlet-users mailing list
upset that NAI will be phasing out support for BSDI.
While not disagreeing about the value of security (duh!), the platform is
also important, and plays a major role in the overall security of the system:
- The administrator's knowledge of, and familiarity with, the underlying
operating system is a key component of the overall security of a firewall
system. Having to migrate to a new OS will weaken security in the short
term while the administrators get up to speed. This doesn't even take into
account the cost in time & resources in having to migrate to a new platform
for organizations who have heavily invested in the now-unsupported platform.
- The vendor's (NAI) option for customers who want to stay on the Intel
platform seems to be to migrate to NT. I won't comment on this, other than
to say that many (most) security experts still distrust NT.
-Larry
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
