- More porn sneaks onto the iPhone
- 'Swatting' case shows need to ban caller-ID spoofing
- Why the iPhone can't be "killed"
- Nortel enterprise chief wants to bring back Bay
- US sets final emergency responder wireless pilot
The firewall's fate is up for debate.
For more than a decade, firewalls have stood guard at the perimeter of corporate networks to defend against the Internet's perils. But a growing number of security managers, united under the banner of the Jericho Forum, want to retire this stalwart because they say it hinders e-commerce.
Countering the forum's argument, however, is an equally emphatic collection of analysts, corporate security managers and, not surprisingly, firewall vendors.
"The perimeter going away? That's baloney," said John Pescatore, a Gartner analyst alluding to the concept during his presentation at the research firm's recent IT Security Summit on the future of network security. "We think the security perimeter that people put around their servers is even more critical today. The perimeter cannot go away and does not get less important in the future."
There's an underlying need that "the network must reward good traffic and neutralize suspicious or unknown traffic," Pescatore said. And that means "controlling the perimeter is ever more important."
The Jericho Forum - the group's name refers to the Biblical walls that miraculously came tumbling down at the sound of trumpets - is on a mission to define a new security architecture. The forum calls knocking down the old firewall, as well as border proxies, a "de-perimeterization" process that can be achieved within a matter of years. The mission of its seven dozen members, which include Barclays Bank, Boeing and Eli Lilly, is to make the IT industry aware that it needs a new style of access control and data integrity product that pushes control deep inside intranets.
The Jericho Forum's quest to remove the traditional perimeter firewall and still maintain security strikes some as an impossible mission.
"There really isn't an alternative at the moment and I doubt there will be," says Nigel Fletcher, mobile segment manager at BG Group, a 6,000-employee oil and gas company in the U.K. that has offices and exploration outposts around the world. "A massive leap of faith would be required for this to happen."
Check Point Software, the firewall market leader, scoffs at the idea of ditching the firewall.
"First of all, we use the term 'perimeter security gateway,' " says Andy Singer, Check Point's director of market intelligence. "A firewall is a feature for opening and closing ports. There are all these things you can add to the gateway, such as VPNs, or intrusion prevention."
The Leader in Network Knowledge
Comment