Dobbins, Roland wrote:
On Jan 10, 2010, at 1:22 PM, harbor235 wrote:
Again, a firewall has it's place just like any other device in the network, defense
in>>> depth is a prudent philosophy to reduce the chances of compromise, it does
not>>>eliminate it nor does any architecture you can think of, period
What a ridiculous statement - of course it does.
*The place of the stateful firewall is in front of clients, not servers*.
Servers can also be clients who can benefit from state tracking.
The best answer I have to that scenario is to make the client path
different than the server path.
Joe
