mailing list archives
Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
From: Chris Blask <chris () blask org>
Date: Fri, 26 May 2006 10:12:10 -0400
At 09:11 AM 26/05/2006, ArkanoiD wrote:
On Thu, May 25, 2006 at 08:24:17PM -0400, Marcus J. Ranum wrote:
My guess is that that VCs would split a rib laughing if someone came
to them with a business plan for a new firewall company. :)
Damn sure. And maybe that's why we have nothing like "Gauntlet on steroids"
(flexible, expandable and supported with development team who is willing
to help to integrate it with any customer application) these days, though
there definitely *is* some niche market demand for it.
We spend too much time complaining about the shape of the landscape, not enough time building communities that fit into
Why should any non-Infosec decision maker believe that our Perfect Firewall will make them safe? It won't: they'll be
hacked from the inside/wirelessly/through an unauthorized connection. Nothing we as an industry have delivered is any
better than anything else at making customer X safer from the risks they face, so why should they listen to us? The
only places to date we can (sometimes) actually provide decent security is where the dollars involved are so huge they
justify the expense, or where someone who can follow this thread works (but then they get a new job, and their employer
is screwed again). Is it a shoe manufacturer's fault that our industry has produced no empirical metrics that would
differentiate the qualities of good and bad ideas?
It's the maturity phase of the market that I can't wait for (though it may start getting boring about then). It is
essentially impossible to offer SAS-level advice (to add one last military analog) in the current market, because we
are still arguing about what a gun is.
The man who never alters his opinion is like standing water, and breeds reptiles of the mind.
chris () blask org
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.392 / Virus Database: 268.7.0/345 - Release Date: 22/05/2006
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sase (May 25)