Firewall Wizards mailing list archives
Re: Too Paranoid?
From: Frederick M Avolio <fred () avolio com>
Date: Sun, 29 Sep 2002 20:10:19 -0400
At 01:57 PM 9/29/2002 -0400, Dave Piscitello wrote:
Totally in agreement. Any reputable vendor should appreciate this, and should be willing to explain what security measures they have implemented to your satisfaction, or if not to your satisfaction, willing to work to resolve differences between their security posture and what your policy requires.
Which planet would you be talking about? Key word in this, of course, is "should." Most probably it is "can't" because "never thought of it." Most reputable vendors SHOULD but don't.
Most reputable vendors behave just as this one does. They are certain it is Not So Bad. And in their mind, it is not. Because all they know is firewalls make things secure and it can work with the firewall in place, as long as you poke a hole or two through it.
I don't envy you and hope you have a pretty good policy in place you can point to. Otherwise you are in between that vendor and the users who want to use that vendor is selling. Worst case is the solution is already purchased and you not only have the users clammering for it, but the person in the company who chose it now will be on your case because you are making him look bad as well. God help you if it is some executive vice president.
All the suggestions, so far are great, and Dave's comments are, of course, right on target.
Those you you out there who are not in this position should play the game "what if it were me, what if it was here?"
Do tell us how it turns out. Fred Avolio Consulting, Inc. 16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US +1 410-309-6910 (voice) +1 410-309-6911 (fax) http://www.avolio.com/ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Too Paranoid? Jim Seymour (Sep 29)
- Re: Too Paranoid? Paul D. Robertson (Sep 29)
- Re: Too Paranoid? James Triplett (Sep 29)
- Re: Too Paranoid? R. DuFresne (Sep 29)
- Re: Too Paranoid? Dave Piscitello (Sep 29)
- Re: Too Paranoid? Frederick M Avolio (Sep 29)
- Re: Too Paranoid? Dave Piscitello (Sep 29)
- Re: Too Paranoid? Bennett Todd (Sep 30)
- Re: Too Paranoid? Adam Shostack (Sep 30)