The primary value of a firewall is two-fold:

- It enables a network administrator to define his "edge", the
  interior of which he is responsible for.
- It enables a network administrator to isolate his network from
  externally-originated traffic per his whims and viewpoints.

IMHO, it is not a security solution per se; it is comparable perhaps
to human skin - keeping certain stuff out to limit the need to use
other tools that one uses internally. That said, the tools one uses to
create true security are a combination of network-based
detection/analysis equipment like honeypots, router configurations, and
sensors, and host-based security technologies. In the final analysis, the
hosted application is responsible for its own security (if some
attacker threads the needle, it had better be able to handle the
attack), and uses host and network facilities as defense-in-depth (the
less it has to worry about that the more effective overall security is).

On Jan 5, 2010, at 12:16 PM, Brian Johnson wrote:

Security Gurus, et al,

I have my own idea of what a firewall is and what it does. I also
understand what stateful packet inspection is and what it does. Given
this information, and not prejudging any responses, exactly what is a
firewall for and when is stateful inspection useful?

Please respond on-list as I want to have some useful discourse and
discussion in the clear. Flamers and Trolls will be disregarded. :)

Thank you.

- Brian