The primary value of a firewall is two-fold: - It enables a network administrator to define his "edge", the interior of which he is responsible for. - It enables a network administrator to isolate his network from externally-originated traffic per his whims and viewpoints. IMHO, it is not a security solution per se; it is comparable perhaps to human skin - keeping certain stuff out to limit the need to use other tools that one uses internally. That said, the tools one uses to create true security are a combination of network-based detection/ analysis equipment like honeypots, router configurations, and sensors, and host-based security technologies. In the final analysis, the hosted application is responsible for its own security (if some attacker threads the needle, it had better be able to handle the attack), and uses host and network facilities as defense-in-depth (the less it has to worry about that the more effective overall security is). On Jan 5, 2010, at 12:16 PM, Brian Johnson wrote:
Security Gurus, et al,
I have my own idea of what a firewall is and what it does. I also understand what statefull packet inspection is and what it does. Given this information, and not prejudging any responses, exactly what is a firewall for and when is statefull inspection useful?
Please respond on-list as I want to have some useful discourse and discussion in the clear. Flamers and Trolls will be disregarded. :)
Thank you.
- Brian
CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, copying, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Thank you.