X
Tech
Home Tech Services & Software Operating Systems Windows

Hosing down firewall hype

commentary Network administrators who place all their trust in firewalls copped stern words this week from a high-ranking engineer at one of the world's largest networking equipment vendors. "The idea behind firewalls doesn't work anymore," 3Com's global vice-president Pat Rudolph, said in an interview with your writer.
Written by Renai LeMay, Contributor
commentary Network administrators who place all their trust in firewalls copped stern words this week from a high-ranking engineer at one of the world's largest networking equipment vendors.
Renai LeMay, ZDNet Australia
"The idea behind firewalls doesn't work anymore," 3Com's global vice-president Pat Rudolph, said in an interview with your writer.

"The idea behind firewalls is that people inside the network are trusted and that people outside the network are potentially malicious," he continued.

"The problem is, if I take my laptop home and get infected on my home network because my kid's doing something he shouldn't be, I can then walk my laptop right past my firewall, and plug it into the corporate network. I can then infect the network."

Rudolph also pointed out firewalls worked by leaving network ports open.

"Like port 80, which is Web traffic. You have to leave port 80 open. The problem is that hackers know this, and they can put in malicious attacks through port 80," he said.

Rudolph's comments are correct. A number of common security threats aren't going to be stopped by your average firewall.

This is exactly why the current generation of multipurpose (spam/anti-virus/anti-spyware, etc) security hardware is enjoying high levels of popularity. For example, real estate king LJ Hooker is currently installing such devices throughout its Australia-wide network.

However, while firewalls are not enough on their own, they remain integral to network defence strategies.

An executive from wireless security vendor AirDefense told a Sydney conference yesterday that firewalls should always be used, especially for wireless devices.

As he demonstrated a technique that could take control of a whole room of laptops within seconds, the company's director of technical solutions Spencer Parker said even the humble firewall bundled with Windows XP could stop a lot of threats targeted at individual PCs.

The lesson to be learnt here is that even though firewalls are not sufficient security on their own, they're still going to be around for a long time in one form or another.

As for Rudolph himself, he can probably afford to be complacent even if his kids are tinkering with his work machine.

"I have a team of technical specialists around the world and we all tend to operate on Macintosh," he said. "Without offending Microsoft, I like my computer to be stable."

Like Windows XP, Mac OS X comes with a firewall built in, but the Apple operating system has a much better history when it comes to security problems.

What do you think? Are networks still safe behind firewalls or can hackers bypass them at will? Send your thoughts to renai.lemay@zdnet.com.au.

For more views from the trenches of Australian telecommunications, visit my new blog:
Full Duplex
http://www.zdnet.com.au/blogs/fullduplex

Editorial standards
Show Comments

Related

The Apple Watch Ultra 2 with an Atlantic Blue Nomad Rugged Band.

6 reasons to buy an Apple Watch, according to a wearables expert

Linus Torvalds and Dirk Hohndel, Open Source Summit North America 2024

Linus Torvalds takes on evil developers, hardware errors and 'hilarious' AI hype

Placeholder product image alt text

The best AI image generators to try right now