I dunno, I'm still not buying that a firewall is historical baggage (that is what you're saying, right?).

I accept that for a firewall to continue to be as effective as the Visio image on a diagram, it needs extremely deep inspection and knowledge of the protocols (good luck there).

I accept that once "inside the firewall" the hosts need to be hardened.

I even accept the loose idea that company networks are a federation, although I'm wary to say that. Just because 20 of my users can IM in and out doesn't mean they're making full connections with full pass-thru to and from those outside servers or users. But I'll accept that communication traverses our border all the time, and systems join in and disjoin the network.

I accept that while we collectively considered firewalls a very effective protection 15 years ago, they're not *as good* a protection now (see point #1).

But none of that really follows to say firewalls are antiquated or not necessary.

I guess it might depend on how you define a "firewall" and what sort of security you expect it to have (perfect versus partial value). An ACL on a router may be the same thing, so then we just play with semantics and Visio icons...

