Response | Technology cont’d

• Firewalls cont’d

  • Evolving
    • From filters based on source address, destination address, and type of service... to policy-based rules
  • Internal firewalls used to protect trusted internal networks from each other
    • Dilbert example: Isolate/protect Engineering LAN from Executive Management
  • Firewalls not enough...
    • New viruses and Trojans like BO2K-variations can vary their signature (size, port, location, checksum, etc.) to slip past even good firewalls
    • Some claim 70% of firewalls can be penetrated
    • Organizations relying on perimeter firewalls for network security are like Tootsie Rolls... hard on the outside, but soft and chewy inside
    • Overloading of http (via port 80) may render traditional firewalls less effective