[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: [Full-Disclosure] Why should one buy (or not) an Appliance-based security gateway?

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: FW: [Full-Disclosure] Why should one buy (or not) an Appliance-based security gateway?
From: DWreck <dwr3ckmailbox-fulldisclosure@xxxxxxxxx>
Date: Tue, 3 Aug 2004 07:28:09 -0700 (PDT)

I'll try to give some realistic answers to the question and address the 
newbie's comments below:

 

>Because you dont know that much about security ??? ( a >theoretical "you" !!)

 

Not sure where this comment comes from but it appears to be in reverse.  

 

Using appliances for specific purposes is/should be part of most security 
architectures in environments with moe than one segment.  Appliance devices 
help keep TCO down.  It is possible to build your one IPS, firewall etc. but it 
is usually not cost effective for larger environments.

 

>If you know what you need, and what can you do, you do it by >yourself, and 

>only rely on your capacities.

 

You should be designing and implementing solutions for your clients that should 
scale and have as low a TCO as possible.  More often than not, this means you 
will need to piece togther solutions from multiple vendors etc.  

 

Creating your own solutions for everything is fun and you should try it 
sometime (at home?)for the learning experience.  However, in corporations you 
will typically NOT have the time to do so.  You will probably end up using a 
combination of appliance devices and custom scripts to get the job done.  

 

As for relying only on your capabilities and building solutions that only you 
understand (and can maintain), this will NOT lead to job security.  It is also 
negligent from a DR/BCE stasndpoint for your clients.

 

>If you need protection, or at least some kind of monitoring >activity, but 
>dont 

>know much about network security, then you go an buy a solution

 

Ignore the above comment.  It was made by someone who probably knows a lot 
about security and nothing about business and budgeting.

 

>BTW, all the network admins I know use firewall for protection, >but dont now 

>much aside from that, most of the time use some kind of >precoded rules, and 

>keep it like that forever.

 

I have yet to meet one such individual.  Appliance devices rarely come with a 
rule set.  They also typically do NOT come configured for a specific client's 
network :-)

 

 



Thanks,

DWreck

CONFIDENTIALITY NOTICE: This e-mail and any attachments thereto may contain 
information which is privileged and confidential, and is intended for the sole 
use of the recipient(s) named above. Any use of the information contained 
herein (including, but not limited to, total or partial reproduction, 
communication or distribution in any form) by persons other than the designated 
recipient(s) is strictly prohibited. If you have received this e-mail in error, 
please notify the sender either by telephone or by e-mail and delete the 
material from any computer. Thank you for your cooperation.

Prev by Date: RE: [Full-Disclosure] Key loggers and Anti Key loggers
Next by Date: Re: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting
Previous by thread: Re: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting
Next by thread: [Full-Disclosure] Re: Fwd: New possible scam method : forged websites using XUL (Firefox)
Index(es):
- Date
- Thread