ietf
[Top] [All Lists]

Re: myth of the great transition

2003-06-19 08:41:09


Keith Moore wrote:

expecting the network
to isolate insecure hosts from untrustworthy attackers, or more
generally, to enforce policy about what kinds of content are
permitted to pass, has always been a stretch.


So where do firewalls fit into your picture? Do they represent for the
network or for the hosts?

I believe the primary purpose of firewalls should be to protect the network,
not the hosts, from abusive or unauthorized usage.

So for every firewall you purchase and install, you can focus its
configuration and operation on protecting the network from your users. I
trust you agree that it's appropriate for the rest of the world to be
free to make similar decisions in what they choose to be their own
perceived best interest? And I hope you'll not be *too* surprised when
the vast majority decide that protecting their own machines from the
network is more important than protecting the network from their own
machines...



                                - peterd (CMBD)