Hello all,
I've seen a lot of questions regarding best firewalls, etc...Much of this
may not be anything new (-so call me Columbus); however, sometimes it is
best to look at the basic facts of what a component can or is needed to
do...
My two cents relating to firewalls:
1) To me, the degree to which firewalls keep away hackers is somewhat less
relevant. For the most part, they all do what they are supposed to in
regards to telling a hacker, "hey, at least we've got something in place."
(before you hammer me on this one, I am talking 'in general' and 'overall')
2) Better to look at performance(throughput,etc), concurrent sessions,
manageability, scalability, and the ability to integrated with other
security modules. THIS is where you will find the right firewall. Few things
are worse than a firewall that is unfriendly to manage.
3) Note- Firewalls address 20% to maybe 35% of the potential security
threats to a company.
4) ALL connected stand alone firewalls are hackable. Yes all.
5) A firewall should NEVER be left without a co-existing IDS solution,
especially if one is 1/2 way serious about securing and managing the
network.
Bottom Line:
Companies must eliminate the mindset that any one firewall is their answer
to being protected. It takes a combination of different software, hardware
and good people that want to continue to learn.
I guess it's time to step down off my soap box...
Cheers !
Ken Day
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
