Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Firewall opinions wanted please

  • From: Steven M. Bellovin
  • Date: Tue Mar 16 22:36:43 2004

In message <200403170238.i2H2caAA006011@turing-police.cc.vt.edu>, Valdis.Kletni
eks@vt.edu writes:
>
>--==_Exmh_2134986584P
>Content-Type: text/plain; charset=us-ascii
>
>On Tue, 16 Mar 2004 14:27:16 PST, Nicole <nmh@daemontech.com>  said:
>
>>  From what I have heard a proxy firewall would be best? 
>
>I'll go out on a limb here and say that the actual make and model of the
>firewall don't matter anywhere *near* as much as a proper understanding on the
>client's part of what a firewall can and can't do.

You're not going out on a limb; you're absolutely right, and I've been 
saying that for years.  I'll quote myself:

   Although firewalls are a useful part of a network security
   program, they are not a panacea. When managed properly, they
   are useful, but they will not do everything. If
   firewalls are used improperly, the only thing they buy you
   is a false sense of security.

Beyond that, different security policies have a much greater impact 
than different brands or types of firewalls.  

		--Steve Bellovin, http://www.research.att.com/~smb






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.