Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Telco's write best practices for packet switching networks

  • From: Rob Quinn
  • Date: Wed Mar 06 10:39:02 2002

> When you've got a deployed server, run by clueful people, dedicated to a
> single task, firewalls are not the way to go.

 Probably.  And I would certainly rate "clueful people" _far_ above a firewall
when it comes times to prioritize your security needs and resources.

> What are you going to do with a firewall?

 Compared to your average application, firewalls often have
 -better logging (more detail, adjustable, not on the vulnerable device);
 -vendors focused on security;
 -add-ons like IDS that can benefit from the superior logs;
 -firewall admins focused on security and who do security every day;
 -better response capability for unplanned/unanticipated security issues.

> chose a resilient and flame tested daemon, and watch the patchlist for it.

 You've never seen a security vendor come out with a patch or workaround before
an application vendor?

-- 
| Opinions are _mine_, facts                                     Rob Quinn |
| are facts.                                                 (703)689-6582 |
|                                                  rquinn @ sec.sprint.net |
|                                                Sprint Corporate Security |
|                                          Computer Incident Response Team |




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.