Educause Security Discussion mailing list archives

Re: Ports/applications permitted for Guest Access


From: Dave Koontz <dkoontz () MBC EDU>
Date: Sun, 11 Sep 2011 13:11:29 -0400

As you've discovered, port-based firewalls are no longer adequate in
today's world.  Any application can disguise itself as web traffic (http
or https), and many "bad" things do.

You need a firewall that can understand applications regardless of ports
used.

Take a look at Palo Alto Networks' solutions or any other next-generation
firewalls.  I really believe Palo Alto has a huge lead currently in this
market.  I am sure that Cisco, Foundry, Juniper and others will catch up
in a couple of years, but for now Palo Alto has a clear lead.  Take a
look at the last Gartner Firewall report to see what I mean.

--
Dave Koontz
Mary Baldwin College
Staunton, Virginia

On 9/11/2011 10:39 AM, Robert Lau wrote:
Is anybody doing protocol/application inspection?  Once ports 80/443/22/etc are allowed, an app can pump any data
through; it does not have to be http/https/ssh/etc.  In olden days, this would probably only be done by a clueful
user, but many applications do this automatically now specifically to handle port restrictions.

-robert
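The thread's point (a permitted port says nothing about what actually flows through it) is easy to see in code. The following is an added example, not part of the archived messages and not any vendor's App-ID logic: a small first-packet classifier that guesses the application protocol from the bytes a client sends, compares it with what a defender expects on that port, and flags the mismatches. The port-to-protocol table, the flow records and the sample payloads are all constructed for this example.

```python
import re
from dataclasses import dataclass

# Assumption for this example: which application protocol the policy
# expects on each permitted port. Ports not listed have no expectation.
EXPECTED_ON_PORT = {80: "http", 443: "tls", 22: "ssh"}

_HTTP_REQUEST = re.compile(
    rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS|CONNECT|PATCH) \S+ HTTP/1\.[01]\r\n"
)
_HTTP_RESPONSE = re.compile(rb"^HTTP/1\.[01] \d{3} ")


def classify_payload(data: bytes) -> str:
    """Guess the application protocol from the first bytes of a flow.

    This is a deliberately simple signature check; a real application-aware
    firewall looks much deeper than the first packet.
    """
    if _HTTP_REQUEST.match(data) or _HTTP_RESPONSE.match(data):
        return "http"
    # TLS record header: ContentType 0x16 (handshake), version 0x03 0x00-0x04,
    # 2-byte length, then HandshakeType 0x01 (ClientHello).
    if (len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03
            and data[2] <= 0x04 and data[5] == 0x01):
        return "tls"
    if data.startswith(b"SSH-2.0-") or data.startswith(b"SSH-1.99-"):
        return "ssh"
    return "unknown"


@dataclass
class Flow:
    src: str          # client address (constructed)
    dst_port: int     # destination port the firewall permitted
    first_bytes: bytes  # first client-to-server bytes of the flow


def port_protocol_mismatch(flow: Flow):
    """Return True if the observed protocol differs from the port's expectation,
    False if it matches, and None when the port has no policy."""
    expected = EXPECTED_ON_PORT.get(flow.dst_port)
    if expected is None:
        return None
    return classify_payload(flow.first_bytes) != expected


def find_mismatches(flows):
    """List (src, port, observed protocol) for every flow that violates policy."""
    return [
        (f.src, f.dst_port, classify_payload(f.first_bytes))
        for f in flows
        if port_protocol_mismatch(f)
    ]


# Constructed sample flows: three legitimate ones, two that abuse an open
# port, and one to a port with no policy.
SAMPLE_FLOWS = [
    Flow("10.0.0.5", 80, b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    Flow("10.0.0.6", 443, b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"),
    Flow("10.0.0.7", 22, b"SSH-2.0-OpenSSH_8.9\r\n"),
    Flow("10.0.0.8", 80, b"SSH-2.0-OpenSSH_8.9\r\n"),        # SSH tunnelled over port 80
    Flow("10.0.0.9", 443, b"\x00\x00\x00\x1b\x00\x01\x00\x00"),  # opaque binary on 443
    Flow("10.0.0.10", 8080, b"GET / HTTP/1.1\r\n"),          # no policy for 8080
]

if __name__ == "__main__":
    for src, port, seen in find_mismatches(SAMPLE_FLOWS):
        print(f"ALERT {src} -> port {port}: expected {EXPECTED_ON_PORT[port]}, saw {seen}")
```

Run stand-alone, the block reports the SSH-on-80 and unknown-on-443 flows. It only catches traffic that makes no effort to look like the expected protocol; an application that wraps its data in well-formed HTTP requests passes this check, which is exactly the disguise the thread describes and why inspection has to go beyond the first packet.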