Click here to receive your FREE subscription to Campus Technology
Viewpoint
Firewalls: A Hammer in Search of a Nail
5/29/2008
- Firewalls help us isolate private networks from the public.
- Firewalls help us log problematic traffic.
- Firewalls help us enforce local policies such as "no peer-to-peer" traffic.
- Firewalls may be required for auditing reasons.
- Firewalls may enable NAT and help us preserve routable addresses in Ipv4.
- Firewalls embody the security principle of "least privilege," or giving a person or computer only the access needed.
- Firewalls can be part of a Defense in Depth that relies on multiple defensive strategies.
And in some cases, such as reinstalling Microsoft Windows, which begins with an unpatched operating system, they are even essential. (The SANS Institute reports that the average time for an unpatched system to become infected is less than 10 minutes if not behind a firewall.)
Other Reasons We Have Firewalls
The real reasons we have firewalls may be less analytical and include the fact that:
- Firewalls are ubiquitous; everyone else is running one. (Ninety-seven percent of the respondents to a recent survey indicated that their institution used firewalls.)
- Firewalls are widely regarded as part of due diligence in maintaining network security. (The old "You're always safe if you buy IBM and Cisco Theory.")
- Firewalls make us feel more secure. (The Linus Blanket theory of security.)
The Downside to Firewalls
But while it is conventional wisdom that a network must be protected by a firewall, not everyone agrees. At the RSA 2008 Conference, Bill Cheswick, who is frequently referred to as the "father of the firewall" and is one of the authors of Firewalls and Internet Security: Repelling the Wily Hacker, remarked about 34 minutes into a live Web interview, "I haven't used firewalls in, uh, well, mostly, for 10 years or more." He went on to say, "They still have their use, but I really want my hosts to be secure enough they don't need a firewall."
So what's not to like about firewalls?
Recommended Reading
- Tufts Grants Rights for Mileage-Increasing Transportation Technology to Electric Truck
Tufts University has optioned rights to a technology that can recharge the batteries of any hybrid electric and electric-powered vehicle while it is driven. The Tufts-developed technology could increase by 20 percent to 70 percent the miles per gallon or total driving range performance of vehicles like the Honda Civic, Ford Escape, and Toyota Prius hybrids and the Tesla Motors and Phoenix Motorcars electric vehicles.
- U Florida and Cyntellect Collaborate to Unlock Mysteries of Cancer Stem Cells
The University of Florida has entered into a research agreement with life sciences company Cyntellect. The university's Interdisciplinary Center for Biotechnology Research will work with the company to focus on a variety of research areas including the purification and analysis of cancer stem cells (CSCs), rare cells believed to be directly involved in propagating cancers.
- George Mason U Receives Grant To Deploy Intergraph Apps for Intelligence Curriculum
George Mason University (GMU) in Fairfax, VA has been awarded a grant from Intergraph to enable students enrolled in GMU's Geospatial Intelligence Graduate Certificate program to use the company's geospatial production and exploitation software as part of their core curriculum.
- Institute for Cyber Security at U Texas, San Antonio Opens Incubator
The University of Texas at San Antonio (UTSA) Institute for Cyber Security (ICS) has launched a new Internet security incubator. The incubator was developed to commercialize promising technologies that address major cyber security and privacy issues. The first companies to enter the incubator are Denim Labs and SafeMashups.
- ISO/IEC Publishes Office Open XML Standard
ISO/IEC has published the Office Open XML (OOXML) file format standard, formally known as ISO/IEC 29500:2008. It describes file formats originally designed by Microsoft for its Office 2007 productivity suite, which are used in presentation, spreadsheet and word processing applications.
- Dynamics NAV 2009 ERP Coming Next Month
Microsoft exec Kirill Tatarinov Wednesday described some new features to expect in the forthcoming Microsoft Dynamics NAV 2009 enterprise resource planning solution. He gave the keynote address at Microsoft's Convergence 2008 event in Copenhagen, Denmark.
