[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Requirements for IPv6 Firewalls

Subject: Requirements for IPv6 Firewalls
From: jeff-kell at utc.edu (Jeff Kell)
Date: Fri, 18 Apr 2014 23:29:40 -0400
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <CAP-guGUquwcsESnKbe9QKE79NzfSBNsye4Sq4cFgjwr8xLODSw@mail.gmail.com> <CALgc3C6v_u3Xrjf1rQ=u+62ctExOEfYWUsor-DzfamLVv+z+uA@mail.gmail.com> <CAK__Kzs7_tY0HggT7PG2STorHqcV-3BAXHmYF=pia0bPa6YXzg@mail.gmail.com> <CALgc3C7Fi0rhBODH+kc2Vk6pE9s9TAoa303TFftTCN_K4G77kA@mail.gmail.com> <CAP-guGXia-YLnN0LN8FrQnQFC7gRQMbbiGXh=OLK+4cz02p+Rg@mail.gmail.com> <CAFy81rnw-Q7gYb8eSz-0LqH+kRgSS6+vWieMH=AL9Ay-x2KPDg@mail.gmail.com> <CAN3um4xY-jtZ23--yBMy=WfjH1kzhgQ2+2DLn8=MNAcuE-ZdKA@mail.gmail.com> <[email protected]> <CAP-guGVevjt4upAtt9bvbWjmARkL7=_D4L38OuBqSs1J69tLkQ@mail.gmail.com> <[email protected]> <CAP-guGW51yRY_2GPBRw6N_1665Nw9qS+d4Drhhp-eLWjuR1ioA@mail.gmail.com> <[email protected]> <CAP-guGUh1LPE8U6yqKRVQzEHVbiu9c6Sb0Np9kRqQh4fLPDxXA@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]>

On 4/18/2014 10:10 PM, Dobbins, Roland wrote:
> On Apr 19, 2014, at 9:04 AM, Jeff Kell <jeff-kell at utc.edu> wrote:
>
>> It's how we provide access control.
> Firewalls <> 'access control'.
>
> Firewalls are one (generally, very poor and grossly misused) way of providing access control.  They're often wedged in where stateless ACLs in hardware-based routers and/or layer-3 switches would do a much better job, such as in front of servers:

I call BS...  what do you expect closes the gap, host firewalls?  Most
3rd party crap has no firewalls and gets no specific rules for local
LANs or authorized users.

Firewalls are front-line defense, for the crap that is too generic /
misconfigured to protect itself.  And there are tons of these.

Anyone ever pentested you?  It's an enlightening experience.

Jeff

Follow-Ups:
- Requirements for IPv6 Firewalls
  - From: rdobbins at arbor.net (Dobbins, Roland)
- Requirements for IPv6 Firewalls
  - From: alter3d at alter3d.ca (Peter Kristolaitis)

References:
- Requirements for IPv6 Firewalls
  - From: fernando at gont.com.ar (Fernando Gont)
- Requirements for IPv6 Firewalls
  - From: fernando at gont.com.ar (Fernando Gont)
- Requirements for IPv6 Firewalls
  - From: bill at herrin.us (William Herrin)
- Requirements for IPv6 Firewalls
  - From: eugen at imacandi.net (Eugeniu Patrascu)
- Requirements for IPv6 Firewalls
  - From: george.herbert at gmail.com (George Herbert)
- Requirements for IPv6 Firewalls
  - From: eugen at imacandi.net (Eugeniu Patrascu)
- Requirements for IPv6 Firewalls
  - From: bill at herrin.us (William Herrin)
- Requirements for IPv6 Firewalls
  - From: tmorizot at gmail.com (Timothy Morizot)
- Requirements for IPv6 Firewalls
  - From: eyeronic.design at gmail.com (Mike Hale)
- Requirements for IPv6 Firewalls
  - From: simon at per.reau.lt (Simon Perreault)
- Requirements for IPv6 Firewalls
  - From: bill at herrin.us (William Herrin)
- Requirements for IPv6 Firewalls
  - From: simon at per.reau.lt (Simon Perreault)
- Requirements for IPv6 Firewalls
  - From: bill at herrin.us (William Herrin)
- Requirements for IPv6 Firewalls
  - From: simon at per.reau.lt (Simon Perreault)
- Requirements for IPv6 Firewalls
  - From: bill at herrin.us (William Herrin)
- Requirements for IPv6 Firewalls
  - From: rdobbins at arbor.net (Dobbins, Roland)
- Requirements for IPv6 Firewalls
  - From: jeff-kell at utc.edu (Jeff Kell)
- Requirements for IPv6 Firewalls
  - From: rdobbins at arbor.net (Dobbins, Roland)

Prev by Date: Requirements for IPv6 Firewalls
Next by Date: Requirements for IPv6 Firewalls
Previous by thread: Requirements for IPv6 Firewalls
Next by thread: Requirements for IPv6 Firewalls
Index(es):
- Date
- Thread