Mark Teicher [SMTP:mht @
What determines when integrity is compromised within a firewall
I would consider any breach of the company's Security Policy as
compromising the security integrity of a system.
Any of these scenerios fit that bill.
Is it when the hardware/software fails to do its job?
Yes - if it fails to a less secure mode or can be caused to
fail as part of a denial of service attack.
Is it with the network architecture that was improperly
Yes - if it failed to implement the security policy in the
Is it with a firewall that was not designed for a particular
Yes - if the firewall can not protect against a specific type
of attack (e.g., SYN floods)
Is it with people who are not properly trained to maintain a
Yes (and common) - Changes make to the network or
firewall can result in violations of the security policy because the
people making those changes do not understand the security ramifications
Or is it with management who fails to recognize when people,
hardware/software and policy are not adequate to sustain such a
Yes (and common) - Security is a business process and as
such need the support and direction of management. Unfortunately,
management often doesn't properly weight the risk against the cost so
security devices, implementation and training are often inadequate to
maintain the security policy.
"Simplify - There is no value in complexity, it's too difficult to
Bill Stackpole, CISSP
Seitel Leeds & Associates Voice: 206.283.4355
2 Nickerson St. Suite 201 Email: bstackpole @
Seattle, Wa 98109