/>
X

Hosing down firewall hype

commentary Network administrators who place all their trust in firewalls copped stern words this week from a high-ranking engineer at one of the world's largest networking equipment vendors. "The idea behind firewalls doesn't work anymore," 3Com's global vice-president Pat Rudolph, said in an interview with your writer.
zd-defaultauthor-renai-lemay.jpg
Written by Renai LeMay on
commentary Network administrators who place all their trust in firewalls copped stern words this week from a high-ranking engineer at one of the world's largest networking equipment vendors.
Renai LeMay, ZDNet Australia
"The idea behind firewalls doesn't work anymore," 3Com's global vice-president Pat Rudolph, said in an interview with your writer.

"The idea behind firewalls is that people inside the network are trusted and that people outside the network are potentially malicious," he continued.

"The problem is, if I take my laptop home and get infected on my home network because my kid's doing something he shouldn't be, I can then walk my laptop right past my firewall, and plug it into the corporate network. I can then infect the network."

Rudolph also pointed out firewalls worked by leaving network ports open.

"Like port 80, which is Web traffic. You have to leave port 80 open. The problem is that hackers know this, and they can put in malicious attacks through port 80," he said.

Rudolph's comments are correct. A number of common security threats aren't going to be stopped by your average firewall.

This is exactly why the current generation of multipurpose (spam/anti-virus/anti-spyware, etc) security hardware is enjoying high levels of popularity. For example, real estate king LJ Hooker is currently installing such devices throughout its Australia-wide network.

However, while firewalls are not enough on their own, they remain integral to network defence strategies.

An executive from wireless security vendor AirDefense told a Sydney conference yesterday that firewalls should always be used, especially for wireless devices.

As he demonstrated a technique that could take control of a whole room of laptops within seconds, the company's director of technical solutions Spencer Parker said even the humble firewall bundled with Windows XP could stop a lot of threats targeted at individual PCs.

The lesson to be learnt here is that even though firewalls are not sufficient security on their own, they're still going to be around for a long time in one form or another.

As for Rudolph himself, he can probably afford to be complacent even if his kids are tinkering with his work machine.

"I have a team of technical specialists around the world and we all tend to operate on Macintosh," he said. "Without offending Microsoft, I like my computer to be stable."

Like Windows XP, Mac OS X comes with a firewall built in, but the Apple operating system has a much better history when it comes to security problems.

What do you think? Are networks still safe behind firewalls or can hackers bypass them at will? Send your thoughts to renai.lemay@zdnet.com.au.

For more views from the trenches of Australian telecommunications, visit my new blog:
Full Duplex
http://www.zdnet.com.au/blogs/fullduplex

Related

Why you need an Android smartphone with a thermal and IR camera
img-6767

Why you need an Android smartphone with a thermal and IR camera

Android
Are you ready for the worst Economy Class airline seats in the world?
airline-seats.jpg

Are you ready for the worst Economy Class airline seats in the world?

Business
Dell and Intel just had a big success. It may break your heart
screen-shot-2022-06-23-at-9-16-05-am.png

Dell and Intel just had a big success. It may break your heart

Innovation