RE: FW: [fw-wiz] The Death Of A Firewall

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 27 Oct 2005 07:50:29 -0500

I think the problem is that he's not defining his terms properly. The
article clearly shows that he's still using firewalls, its just that
only the servers are being protected by firewalls. I don't know if he's
doing this on purpose to get attention, or if he things that only packet
filter devices are firewalls.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: John T (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] 
> Sent: Thursday, October 27, 2005 2:58 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: FW: [fw-wiz] The Death Of A Firewall
> 
> http://www.ISAserver.org
> 
> He specializes in Internet and Firewall architecture, yet 
> wants to do away
> with firewalls?
> 
> Some one see some thing very wrong there?
> 
> John T
> eServices For You
> 
> > -----Original Message-----
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > Sent: Wednesday, October 26, 2005 7:48 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] FW: [fw-wiz] The Death Of A Firewall
> > 
> > http://www.ISAserver.org
> > 
> >  This is a very interesting article:
> > 
> > http://www.securitypipeline.com/165700439
> > 
> > I'll forgive the guy for thinking of high speed packet 
> filters as the
> > only type of "firewall" and some other conceptual blubobs. 
> We can also
> > ignore the title, since there are still firewalls 
> segmenting different
> > security perimeters, which is the thrust of the current 
> article series
> > on the www.isaserver.org Web site, and two more article 
> series showing
> > some other ways to do network security perimeter 
> segmentation using ISA
> > firewalls.
> > 
> > What's interesting is that only the servers and other core network
> > assets are protected and only to and from these assets are strong
> > network access controls enforce. All the clients are considered
> > untrusted, and sit behind an Internet router that lets 
> everything in and
> > out. I suppose this guy has a lot of public addresses to 
> get away with
> > this, but some companys have hundreds and thousands and tens of
> > thousands to throw around.
> > 
> > I'm going to chew on this idea some more, and see if I can 
> tell a good
> > ISA firewall story around it. It certainly would solve the 
> "Open Port"
> > button issue.
> > 
> > Tom
> > 
> > 
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> > 
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > johnlist@xxxxxxxxxxxxxxxxxxx
> > To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

Other related posts:

• » FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall

1. Home
2. isalist
3. Archive
4. 10-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---