Input requested for second edition of "Firewalls and Internet Security"

• Previous message (by thread): Input requested for second edition of "Firewalls and Internet Security"
• Next message (by thread): Input requested for second edition of "Firewalls and Internet Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

As to whether ISP's should install firewalls at every external
Internet connection, I think the question would be more appropriately
phrased as: Should ISP's have policy enforcement mechanisms at every
gateway? 

The answer to this is "Yes". Much of the problem that exists right
now can be attributed to the fact that ISP's and enterprise networks
do not have *any* way of enforcing policy between any of the devices
on their network, their customers, or anyone elses. Maybe a nice web
based interface for customers to alter filters applied by a radius 
profile for the ISP interface they are connected to would be a start. 



On Sun, 20 Oct 2002, Sean Donelan wrote:

:What may be more interesting to NANOG is what should be the model Internet
:security architecture for public network operators?  How do you define a
:security perimeter?  Should ISPs install firewalls at every external
:Internet connection?  Is there a different between carrier-grade security
:and enterprise-grade network security requirements?






:
:Is the Orange Book really dead?
:

-- 
batz

• Previous message (by thread): Input requested for second edition of "Firewalls and Internet Security"
• Next message (by thread): Input requested for second edition of "Firewalls and Internet Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]