Great Circle Associates Firewalls
(March 1994) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: RFC 1597
From: lear @ yeager . corp . sgi . com (Eliot Lear)
Date: Tue, 22 Mar 1994 18:47:02 -0800
To: "Robert G. Moskowitz" <0003858921 @ mcimail . com>, Philip Gladstone <Philip . Gladstone @ charon . citicorp . com>, Firewalls <Firewalls @ GreatCircle . COM>
In-reply-to: "Robert G. Moskowitz" <0003858921 @ mcimail . com> "Re: RFC 1597" (Mar 22, 2:43pm)
References: <73940322194337/0003858921NA4EM @ mcimail . com> 
The only reason the auditors demand anything is due to a lax host
security model.  That will be fixed at some point, to an auditor's
satisfaction, or the auditors will start going after the firewalls
themselves, when they become application sieves.  There are several
organizations I am aware of with with firewalls inside.  In most
cases it was due to incompetance, resulting in factional warfare.  In
one case it was due to contractual requirements.

Let's face it.  Firewalls impede functionality.  If, however, you
prefer to live with them, we vendors will be happy to work on other
projects.


-- 
Eliot Lear
[lear @
 sgi .
 com]
Follow-Ups:
  • Re: RFC 1597
    From: sgcccdc @ citec . qld . gov . au (Colin Campbell)
References:
  • Re: RFC 1597
    From: "Robert G. Moskowitz" <0003858921 @ mcimail . com>
Indexed By Date Previous: Re: RFC 1597
From: "Robert G. Moskowitz" <0003858921 @ mcimail . com>
Next: Re: RFC 1597
From: sgcccdc @ citec . qld . gov . au (Colin Campbell)
Indexed By Thread Previous: Re: RFC 1597
From: "Robert G. Moskowitz" <0003858921 @ mcimail . com>
Next: Re: RFC 1597
From: sgcccdc @ citec . qld . gov . au (Colin Campbell)
Google
 
Search Internet Search www.greatcircle.com