He specializes in Internet and Firewall architecture, yet wants to do away with firewalls? Some one see some thing very wrong there? John T eServices For You > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Wednesday, October 26, 2005 7:48 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] FW: [fw-wiz] The Death Of A Firewall > > http://www.ISAserver.org > > This is a very interesting article: > > http://www.securitypipeline.com/165700439 > > I'll forgive the guy for thinking of high speed packet filters as the > only type of "firewall" and some other conceptual blubobs. We can also > ignore the title, since there are still firewalls segmenting different > security perimeters, which is the thrust of the current article series > on the www.isaserver.org Web site, and two more article series showing > some other ways to do network security perimeter segmentation using ISA > firewalls. > > What's interesting is that only the servers and other core network > assets are protected and only to and from these assets are strong > network access controls enforce. All the clients are considered > untrusted, and sit behind an Internet router that lets everything in and > out. I suppose this guy has a lot of public addresses to get away with > this, but some companys have hundreds and thousands and tens of > thousands to throw around. > > I'm going to chew on this idea some more, and see if I can tell a good > ISA firewall story around it. It certainly would solve the "Open Port" > button issue. > > Tom > > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > **Who is John Galt?** > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > johnlist@xxxxxxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx