In Firewall Follies, Simson Garfinkel says firewalls are disasters waiting to happen, in large part because they do nothing to protect an enterprise's information assets from inside attacks:
Organizations that rely on their firewalls build networks with hard, crunchy outsides but soft, creamy insides.Worse, he writes, they degrade over time:
Here's what typically happens: Somebody inside an organization needs to send some sort of information through the firewall -- perhaps because the company is involved in a joint project with another firm. To allow this transfer, a supposedly temporary hole is opened in the firewall. But that hole invariably remains in place long after it is no longer needed. After a few years, the typical firewall comes to resemble Swiss cheese.Back to Compendium
I understand your point and well taken. Doesn't this beg having an active management policy on the maintenance? Put and leave is not a management strategy and I feel from what you have said this is the case.
Probably a good reason to do penetration testing on a regular basis, wouldn't you agree?
Posted by: JC Stynchula on September 4, 2002 12:47 PMPost a comment
