I don't need no stinking firewall!

Dobbins, Roland rdobbins at arbor.net
Sun Jan 10 00:32:18 CST 2010


On Jan 10, 2010, at 1:22 PM, harbor235 wrote:

> Again, a firewall has it's place just like any other device in the network, defense in >>> depth is a prudent philosophy to reduce the chances of compromise, it does not >>>eliminate it nor does any architecture you can think of, period

What a ridiculous statement - of course it does.

*The place of the stateful firewall is in front of clients, not servers*.  

I'm not going to continue the unequal contest of pitting real-world operational experience against Confused Information Systems Security Professional brainwashing.  One can spout all the buzzwords and catchphrases one wishes, but at the end of the day, it's all dead wrong - and anyone naive enough to fall for it is setting himself up for a world of hurt.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

    Injustice is relatively easy to bear; what stings is justice.

                        -- H.L. Mencken







More information about the NANOG mailing list