Great Circle Associates Firewalls
(June 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Maintenance of firewall-1 2.0
From: John Bell <job @ hprofsdv . nwscc . sea06 . navy . mil>
Organization: CACI Inc (Federal)
Date: Wed, 12 Jun 1996 07:58:27 -0700
To: "Richard D. Stiennon" <richards @ netrex . com>
Cc: firewalls @ greatcircle . com
References: <2 . 2 . 32 . 19960612115059 . 00a6b09c @ trex . netrex . com> 
Richard D. Stiennon wrote:
> 
> At 04:41 PM 6/10/96 -0700, Nik D. Knoth wrote:

[snip]

> > FW-1 v2.0 should require
> > essentially no maintenance, tho.
> >
> 
> Yipes!  What about reading the logs *every* day and taking appropriate
> action based on what you find there?
> 
> *Any* firewall system is a full time job.
>                            ^^^^^^^^^^^^^

Full Time Job -> Having to budget for another salaried position.

Management does not like to hear that. They like to hear phrases
such as "self-managing" and "turn-key system". Too bad the hacker
types aren't willing to use the same old attack methods every time.
We know that reality is different :-).

Still waiting for that "magic" attack that "turn-key systems" are
unable to detect and react to...
-- 
                        John Bell, CACI Inc (Federal)
           Bloomington, Indiana (Midwest RE-Engineering Division)
        job @
 hprofsdv .
 nwscc .
 sea06 .
 navy .
 mil -OR- jbii @
 mama .
 indstate .
 edu
                      "Hi ho! Yow! I'm surfing ARPANET!" 
                 - anagram for "The Information Superhighway"
Follow-Ups:
References:
Indexed By Date Previous: RE: Round-robin DNS?
From: Tim Heagarty <Heagarty @ Diebold . com>
Next: Cisco 2500's and BGP
From: oolid @ acqic . org (Joseph L. Moll)
Indexed By Thread Previous: Re: Maintenance of firewall-1 2.0
From: "Richard D. Stiennon" <richards @ netrex . com>
Next: Re[2]: Maintenance of firewall-1 2.0
From: Brian Murrell <Brian_Murrell @ bctel . net>
Google
 
Search Internet Search www.greatcircle.com