http://www.sunworld.com/sunworldonline/swol-09-1999/swol-09-security.html
Firewalls: One size does not fit all
Are you letting your firewall vendor decide your architecture?
By Carole Fennelly
Summary
Planning a firewall architecture is a time-consuming process. Many sites
try to take shortcuts by installing a vendor firewall loaded with features
that they might not need. In Part 1 of a two-part series, Carole discusses
the importance of firewall architecture planning. (2,700 words)
I am often asked, "What is the best firewall?" -- a leading question if
ever there was one. It reminds me of a time when I went to a popular cigar
shop to purchase a humidor and cigars as a gift. I told the proprietor
that I knew nothing about cigars, but would rely on his judgment to choose
"the best." He explained that it really was a matter of taste, which was a
point I could relate to my feelings about wine. I personally don't care
for Chardonnay, no matter how expensive. A reasonably priced Margaux is
more to my taste and, therefore, the better wine for me.
Firewall selection is not much different. There are many types that suit
different requirements. Simply purchasing "the industry leader" is not
necessarily the best solution. There's more involved than installation. A
firewall solution must be maintainable and adaptable as well.
Part 1 of this two-part series will focus on the planning stage of
firewall architecture. We'll be focusing on what is required for a
firewall rather than how to make one work, although the consequences of
these decisions will be discussed as well. Next month, Part 2 will focus
on the implementation issues, including platform security, installation,
performance tuning, and maintenance.
[snip..]
ISN is sponsored by Security-Focus.COM
Received on Sun Sep 5 11:27:01 1999