Pardon my .02 but... Does it not make sense to have security at both levels... Tighten the user boxes, the servers AND the firewall. I mean you stil have to have certain ports open for communications and those ports are the primary targets for intrusion, worms, malware and all that other wacked stuff..
With centralized logging, an IDS, a firewall, antivirus and a few other tricks you get a clearer picture of the traffic, fewer open "holes" to monitor and more confidence (if at all possible in the security context) that some sleep might be anticipated...;-p Again - just my .02... -----Original Message----- From: Robert D. Hughes [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 08, 2002 6:34 PM To: [EMAIL PROTECTED] Subject: RE: Hardening VS firewalling ? I find that I can hardly call a single point of failure an "advantage". -----Original Message----- From: Devdas Bhagat [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 08, 2002 4:29 AM To: [EMAIL PROTECTED] Subject: Re: Hardening VS firewalling ? Another advantage of a firewall is that is provides for a centralized source of logs, and a single point of failure. This makes the administrators job easier, not having to correlate logs from a few dozen sources, but only one or two.
