Security Management Strategies for the CIOAccess "Top challenges facing defense-in-depth firewall technology"
This article is part of the June 2003 issue of Defense-in-Depth: Securing the network from the perimeter to the core
More from Joel Snyder See Joel's Information Security June 2003 cover story: Designing a defense-in-depth network security model. Why haven't enterprises already done defense-in-depth? We found six barriers to pushing firewall technology to the port level: Cost. The cost of adding firewall "brains" to the inside of the network is substantial, especially compared to the continued cost reduction of standard networking switches and routers. Performance. Firewalls have proven themselves on Internet-speed links, but most enterprises have significantly higher flow rates within the network than towards the Internet. Common tasks such as file sharing and backups would bring a firewall designed for Internet speeds to its knees on a 100 Mbps Ethernet link. Management. Most firewall vendors have found it challenging to define management in terms of many-to-many relationships. Generally, the three-legged firewall (outside, inside, DMZ) is about as sophisticated as they get, and having multiple firewalls in a single configuration has been a difficult problem to solve ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Designing a defense-in-depth network security model
by Joel Snyder, Contributor
We challenged networking and firewall vendors to provide defense-in-depth security from the perimeter to the core. Their responses give us a glimpse into the future of enterprise network security.
-
First person: Editor Andrew Briney on how to pass the CISSP exam
by Andrew Briney
Newly minted CISSP Andrew Briney explains how to pass the CISSP exam, infosec's most coveted and controversial certification.
-
CISSP study plan: CISSP prep books, guides and resources
by Andrew Briney
Check out Andrew Briney's CISSP study plan recommendations on the best CISSP prep books, guides and websites.
-
The security risk management lifecycle framework
by Andrew Briney
Learn about the seven steps in the enterprise information security risk management lifecycle framework.
-
Designing a defense-in-depth network security model
by Joel Snyder, Contributor
-
-
Top challenges facing defense-in-depth firewall technology
by Joel Snyder, Contributor
Defense-in-depth firewall technology may offer value, but there are six barriers thwarting firewall technology on the port level.
-
Preparing for CISSP exam questions: What to expect
by Andrew Briney
Anybody who says the CISSP exam is easy isn't telling the whole story. There are plenty of difficult questions--some legitimate, some goofy.
-
Roundtable: Practical strategies for enterprise-wide risk management
by Andrew Briney
Four CISOs explore practical strategies for managing enterprise risk-from classification to assessment to monitoring to response.
-
Keeping security initiatives on track through executive, management turnover
by Anne Saita
How to keep enterprise security initiatives on track...even when there are cracks in the corporate ladder.
-
Top challenges facing defense-in-depth firewall technology
by Joel Snyder, Contributor
-
Columns
-
Achieving compliance with the California SB 1386 privacy law
by Randy Sabett, Contributor
California's new SB 1386 privacy law is full of ambiguity, but if you do business there, you'd better get your guard up.
-
Test center: CORE IMPACT 3.1 automated pen testing tool
by Scott Sidel, Contributor
Numerous mistakes tarnish the benefits of CORE Security's CORE IMPACT 3.1 automated pen testing tool.
-
POF fingerprint scanning tools mitigate OS fingerprinting vulnerabilities
by Marcus J. Ranum, Contributor
Nmap's silent parnter, POF is an OS fingerprinting tool for the good guys.
-
How to learn IT security in your spare time
by Dana W. Paxson, Contributor
When considering how to learn IT security, never underestimate the power of a few minutes of downtime.
-
Achieving compliance with the California SB 1386 privacy law
by Randy Sabett, Contributor
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...