RE: FW: [fw-wiz] The Death Of A Firewall

• From: "Ball, Dan" <DBall@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 27 Oct 2005 15:27:29 -0400

Oh, how did you guess?

-----Original Message-----
From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx] 
Sent: Thursday, October 27, 2005 10:01 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: FW: [fw-wiz] The Death Of A Firewall

http://www.ISAserver.org


Would that be Northern? 


>-----
>Robert Bosch Corporation
>Technical Systems Analyst (RBNA/CSA1)
>Corporate Sales Reporting Systems
>38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA
>phone: 1 (248) 876-1164    fax: 1 (248) 876-6969
>shawn.quillman@xxxxxxxxxxxx
>http://www.bosch.us

-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
Sent: Thursday, October 27, 2005 9:43 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: FW: [fw-wiz] The Death Of A Firewall

http://www.ISAserver.org

That is kinda the approach our local University takes.  The student
laptops (which ALL students are required to lease) basically have their
own public IP address via WAPs all over campus.  

Horrendous design, but takes all the pressure off their IT department as
everything is web-based, and the rest is unsupported.

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, October 26, 2005 10:48 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] FW: [fw-wiz] The Death Of A Firewall

http://www.ISAserver.org

 This is a very interesting article:

http://www.securitypipeline.com/165700439

I'll forgive the guy for thinking of high speed packet filters as the
only type of "firewall" and some other conceptual blubobs. We can also
ignore the title, since there are still firewalls segmenting different
security perimeters, which is the thrust of the current article series
on the www.isaserver.org Web site, and two more article series showing
some other ways to do network security perimeter segmentation using ISA
firewalls.

What's interesting is that only the servers and other core network
assets are protected and only to and from these assets are strong
network access controls enforce. All the clients are considered
untrusted, and sit behind an Internet router that lets everything in and
out. I suppose this guy has a lot of public addresses to get away with
this, but some companys have hundreds and thousands and tens of
thousands to throw around.

I'm going to chew on this idea some more, and see if I can tell a good
ISA firewall story around it. It certainly would solve the "Open Port"
button issue.

Tom


Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall
• » RE: FW: [fw-wiz] The Death Of A Firewall

1. Home
2. isalist
3. Archive
4. 10-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---