On Sun, 24 Mar 1996, Jeffrey C. Sedayao wrote:
> I remember this being discussed before, but I don't recall seeing any
> actually numbers of users being tossed out. My question is this:
> At what point does the number of users inside of a perimeter become so
> large that inside of the firewall becomes virtually indistinguishable
> from outside of the firewall? 1,000 users? 10,000 users? 100,000
> users? Is this point real or just imaginary?
The answer is, of course, "it depends."
At what point are the assets going to require protection from others,
even if the "others" are also members of the same organization?
Sounds like you need to determine of "security containers" are required,
and if host-based security to enforce these containers will be enough. If
you need more than host-based security, a firewall between internal
partitions may be what you need. It isn't a "numbers" problem - even a
thirty person company, with 10 users working on "project X" may need a
firewall to keep the other 20 employees out.
Just my $.02