
On Tue, Jan 5, 2010 at 12:16 PM, Brian Johnson <bjohnson@drtel.com> wrote:
Security Gurus, et al,
I have my own idea of what a firewall is and what it does. I also understand what stateful packet inspection is and what it does. Given this information, and not prejudging any responses, exactly what is a firewall for and when is stateful inspection useful?
Please respond on-list as I want to have some useful discourse and discussion in the clear. Flamers and Trolls will be disregarded. :)
Thank you.
- Brian

To me - a firewall is just another layer of security to help protect company/personal assets. Firewalls, AV, IPS, OS patches, physical security, educated users etc. etc... all play a part in protecting what you own and what data you have from 'bad guys'. Where to place firewalls depends on what you are protecting. If regular humans (ie consumers) - stateful packet firewalls are smart (although NAT does provide a level of security - and I know there will be arguments against that). If business assets - it depends on scale and traffic. If you have a small to medium business with a T1 - a smart network engineer can use ACLs to protect your assets but stateful firewalls are fairly cheap so why not use them? If you are running gigabits worth of traffic then a stateful firewall is a bad thing but layered protection is still important. DDOS defenses of some form are part of that layered protection (scale to handle DDOS, work w/ upstream providers etc.). So I guess my answer is - it just depends on the business, traffic patterns, $$, and skill sets of the engineers or consultants you hire. But I do agree - firewalling or protection of assets is a necessity no matter what your size or scale from a practical and most likely regulatory perspective.

So now I get to rant - because I think that 'security gurus' are one-track minded. Often times - in larger organizations the executives are the largest FUD mongers. This leads to hiring a 'Security Guru'. The 'Security Guru' convinces said executives that the sky is falling. Executives fear for their jobs and company assets and the next thing you know - all innovation and flexibility is removed from the employees in the name of security. It's a really bad thing. Are most users bungholes that require strict security policies - yes. Are they all? No. It's your job to make sure the company is protected enough to continue innovation and making money. You have a tough job I'll give you that - and I wouldn't want it - but you chose your path in life not me! So make it work without stifling the users you are trying to protect! </end_rant>

Kenny