Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DISA eliminating firewalls

From: Crispin Cowan <crispin () crispincowan com>
Date: Sat, 6 Jul 2013 15:55:11 +0000
“What will happen when firewalls go away?” is a very good question, i don’t have that answer. I simply assert that 
firewalls will go away, because they will become irrelevant. They are already barely relevant because of mobile 
devices. The threatscape is ignoring your firewall and walking straight through the front door attached to each 
individual worker in the form of a smart phone or a tablet. Not only do the users use them any way they want while away 
from the office, most of these devices are dual-homed to your network and a cellular network plumped right to the 
internet.


It is neither my choice nor my wish that firewalls will go away, merely an inevitable consequence of pervasive mobile 
computing in the enterprise.






Sent from Windows Mail





From: Tim Harris
Sent: ‎Saturday‎, ‎July‎ ‎6‎, ‎2013 ‎8‎:‎11‎ ‎AM
To: Firewall Wizards Security Mailing List





I don’t disagree with your comment about the crunchy outside/gooey middle but If firewalls are to go away, what will 
happen to the function they perform?  Are we going to discard the entire function of coarse filtering?  It has been 
amply demonstrated that the individual device is not currently capable of adequately defending itself.

 

Going back to my other comment about many points of administration, is there a software package or system that can/will 
reduce it down to a manageable problem?  Is there a “meta-admin” system out there or under development?

 



From: firewall-wizards-bounces () listserv icsalabs com [mailto:firewall-wizards-bounces () listserv icsalabs com] On 
Behalf Of Crispin Cowan
Sent: Friday, July 05, 2013 12:04 PM
To: Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] DISA eliminating firewalls

 



Firewalls are virtually guaranteed to disappear. The writing was on the wall the first time “crunchy outside, gooey 
middle” was uttered. Smart phones and tablets dig the hole deeper, and BYOD is the nail in the coffin.


 


You cannot protect your networks in a world full of smart phones and tablets, owned by consumers, which must be allowed 
to connect to the network. The only thing you can do at that point is to stop trusting the network, and instead trust 
individual nodes, and use encrypted channels (IPsec, SSL, whatever) between nodes that trust each other.


 


When this will happen is far less clear, and it may be that DISA is a bit premature here. But this is coming, get used 
to it.



 


Sent from Windows Mail
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: