This is a discussion on Re: [fw-wiz] The Death Of A Firewall - Firewalls ; I think it's misleading. The article is titled "The Death Of A Firewall". Yet, in the fourth paragraph, "By defining simple ACLs, we further isolate our backend servers." The word *firewall* is just another way to say ACL. But firewall ...
I think it's misleading.
The article is titled "The Death Of A Firewall". Yet, in the fourth
paragraph, "By defining simple ACLs, we further isolate our backend
The word *firewall* is just another way to say ACL. But firewall has
somehow morphed into this word meaning that some *hardware device* needs
to be sitting between us and cruel world.
They should have titled the article "The Death of the single-function
hardware firewall appliance". Even so, I thought the content was pretty
worthless. Any administrator worth their salt knows that the firewall
is only a step in the total security of a solution. What the article
described is something that people have already been doing when building
new application networks. Until very recently, you couldn't do any
*stateful* ACLs with as many OS'es or network devices. Now that has
changed for the better I believe.
The firewall as the be-all/end-all appliance has been dead for years.
Why did we need someone to write an article that basically described
best-practices like it's some revelation?
James Paterson wrote:
> Be interesting to get the communities take on this article.
> firewall-wizards mailing list
firewall-wizards mailing list