Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Firewall opinions wanted please

  • From: Michael.Dillon
  • Date: Wed Mar 17 12:30:13 2004

>> _Everyone_ (network connected) should have a firewall. 

>                Why? 

Every network-connected device should have a security layer.
Firewalls provide a nice modular security layer and they
are cheap compared to the devices/networks that they protect.

>             When did the end2end nature of the Internet suddenly
>                sprout these mutant bits of extra complexity that reduce
>                the overall security of the 'net? 

The security issue has always been there. You can either
build security into the network or into the endpoints.
Given that the Internet model is to keep complexity
out of the network and in the endpoints, the next
question is for site administrators to ask themselves,
do I manage *MY* network, like the Internet, or do
I manage it like an endpoint? If the answer is to
treat it as an endpoint, then it is quite appropriate
to install a firewall as a gateway between the network
and the Internet.

Consider that many endpoints in today's world now
encapsulate networks within a single physical
device. Routers, switches, cellphones, cars and
any embedded device using I2C. Just as the distinction
between a router and a switch has been blurred by
the advance of technology, so too has the distinction
between an endpoint and a network.

--Michael Dillon

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.