Firewall Wizards mailing list archives
Re: Firewalls and IS Network bodies
From: Bennett Todd <bet () rahul net>
Date: Wed, 17 Dec 1997 05:07:30 -0800
On Fri, Dec 12, 1997 at 09:12:09AM -0600, Biggerstaff, Craig T wrote:
Those who have expertise in networking and security matters generally gained it through daily exposure to operational hazards, and are better equipped to recognize a flawed policy than policy makers who doesn't have to worry about the details.
The security admins certainly need to play an advisory role in helping to form the policy; policy-makers are not likely to be completely informed about the day-to-day minutia of internet security issues. But by the same token, there's no reason to expect that a security admin will also be a competant policy maker. In fact, I think it would be astonishing and remarkable to find one. A skilled policy maker knows enough about the needs of the different affected groups, their wants, and their relative importance to hit the appropriate balance for the organization as a whole, and a truly awesome policy maker is also a good enough communicator to make everyone feel happy with the results. Setting good policy is a rare enough skill that it would be an amazing combination to find it in a knowlegeable security admin. I just don't see a profit in attempting to combine these two roles; it's hard enough to find competent people to fill either of them alone. -Bennett
Current thread:
- Firewalls and IS Network bodies Mike van der Walt (Dec 11)
- Re: Firewalls and IS Network bodies chuck yerkes (Dec 11)
- Re: Firewalls and IS Network bodies Andy Howard (Dec 12)
- <Possible follow-ups>
- RE: Firewalls and IS Network bodies Mark Curley (Dec 11)
- RE: Firewalls and IS Network bodies Stout, William (Dec 11)
- RE: Firewalls and IS Network bodies Gary Crumrine (Dec 12)
- RE: Firewalls and IS Network bodies Biggerstaff, Craig T (Dec 12)
- Re: Firewalls and IS Network bodies Bennett Todd (Dec 17)