On Tue, 12 Jan 1999, Andy Condliffe wrote:
> THE ONE YOU UNDERSTAND BEST!
There is a counter-point to this, of course.
_If_ you don't have a great deal of confidence in either the coding
ability of the OS vendor, especially the network stack of the OS, then
you may be better served with a product that is running a different OS,
or a different stack implementation. This is also true if you simply
don't want to put all of your security eggs in one basket. Host security
is your final barrier, and if your firewall is vulnerable to the same
sorts of things as the hosts it's protecting, it's worth considering.
Also, if you're not happy with the upgrade necessities of an OS, it may be
advantageous to choose one with a higher stability cycle. Folks applying
lots of NT hotfixes or moving to a new Solaris version will know what I
mean. People who have high-risk environments need to be protected from
DoS attacks; they'll feel that painfully in any environment, but
less painfully in some.
Finally, it depends on your operations staff, and your mindset on
firewalls. We've found it advantageous to put in cryptic "don't mess
with it" firewalls in places where we wanted a specific policy
implemented without the site administrators opening the site up to
significantly greater risk through good-faith intentions while upgrading
or adding additional protocols.
It's all about risk management. Using something you know decreases some
risks, but may increase others. In some instances it may significantly
increase your vulnerability to some attacks.
If you haven't done a risk/feature analysis on your gateway (not necessarily
even a formal one), including software, hardware, administrative
procedures, historical performance, and how it fits in with the rest of the
network (or not - depending on your mindset) then I think you haven't made
an informed choice. If you have, then unless someone can point out a serious
flaw in your logic you don't have to worry about what anyone thinks of your
choice.
I don't think I'd use Solaris to protect a site running Solaris servers
any more than I'd use NT to protect a site running NT servers.
FWIW, I wouldn't use NT to protect the Solaris site either, but that has to do
with my own risk analysis of NT; that doesn't make it a bad choice for
anyone who doesn't either share my weighting of risks/benefits or my value
assignments for the OS.
Rather than going with what you know, you should go with what will give
you the greatest amount of protection and, if it's important,
scalability. After all, firewalls are meant to be protection, and all
the warm fuzzies in the world of "knowing" something don't help one bit
if you're compromised or DoS'ed at a business-critical moment. Comments
on "knowing" saved for another rant entirely.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280