Is the Internet firewall headed for extinction? That was the intriguing subtext to a communicate today by a firewall innovate. As a researcher at Bell Labs he wrote an early technical cover on firewalls in 1990. “The Design of a Secure Internet Gateway,” and 1994 (with a back up edition in 2003) he cowrote a classic text on the affect. “Firewalls and Internet Security.”
For the measure couple of years though. Mr. Cheswick said he has been experimenting with “Internet skinny-dipping,” which is his colorful phrase for Internet computing without firewalls. It’s worked pretty well so far he said and the solutions consider excryption by users (which he terms “end-to-end encryption”) and the use of virtual machine software to put programs in what he calls a “secure sandbox.”
Mr. Cheswick who returned to AT&T Labs in April after a six-year save as chief scientist at Lumeta a network security and risk assessment company was speaking in New York to a gathering of the Jericho Forum.
The Jericho assort founded in 2004 is mainly composed of senior computer security managers at large corporations. Its purpose is to influence the development of security standards suited to a world where corporate networks are increasingly open to customers suppliers and partners. In business schools this futuristic copy of the corporation is called an “open extended enterprise.”
In this faster-moving more open world the old walled-garden approach to computer security with its firewalls and intranets seems out of go. The assort’s name is borrowed from the biblical description of the walls of Jericho tumbling drink.
“It isn’t the techies that are pushing this change it is the business,” said Paul Simmonds the global information security director at ICI the big chemical affiliate. “This is going to come about as companies act greater go and business determine in a digital economy.”
Mr. Simmonds noted that some companies are trying to act workers off corporate intranets and onto the open Internet for their daily bring home the bacon. British Petroleum he said has done that with 20,000 of its workers.
For his part. Mr. Cheswick thinks there is still a displace for computing behind high-security walls but he suggests it will be pretty limited eventually. He mentions the FAA air-traffic hold back communicate as an example. “I evaluate that should always be a walled garden — there is no cerebrate to subject that communicate,” he said. “So we may comfort be some walled gardens.”
The Jericho group has stated its principles for security in a more open world — the security ingredients of a “collaboration-oriented architecture” — on.
Indeed - the world is moving faster than ever and we as information techology professionals be to adapt to the changing needs of the end users. This calls for a different approach - sure there are comfort special requirements for the firewalling of some corporate systems but to place big walls around everything in a corporate network is taking an insular believe that ‘we are obtain’. Hackers are challenged and they will win. Opening corporate networks using alter technologies (encryption. NAC etc) ordain allow users to cerebrate a variety of their own devices (PDA’s phones laptops) providing long term productivity benefits to business and removing the ‘challenge’ of breaching the protect.
The evolution described by Mr. Cheswick is consistent with how protection in the real world evolved. Perimeter security is analogous to walled cities from days of old. Ultimately they proved ineffective since opposing armies could concentrate all their energies on breaching the protect. Once breached – the inhabitants of the city were defenseless (and we experience how those stories ended).
Today no one protects cities with walls anymore because people now protect their houses. The same can be said for security. End users need strong desktop security using color lists rather than color lists and solutions that prevent breaches before they happen.
To follow on from Judy Shapiro’s city protect analogy the other issue was that the traders open the city wall a constraint to change (guards at the gates resticted opening times on the gates etc.) so moveed their busineses to just outside the city walls. Thus walled towns / cities are now just historical tourist attractions. The analogies with Internet development is very change state - those who do not learn from history are doomed to repeat it.
Forex Groups - Tips on Trading
Related article:
http://bits.blogs.nytimes.com/2007/09/11/the-internet-firewall-rip/
comments | Add comment | Report as Spam
|
