February 27, 2004

The Myth of the Disappearing Perimeter

Wes Wasson of NetContinuum will talk about how the simple notion
of a clear border between inside and outside your organization isn’t
so much wrong, as oversimplified. Now there are multiple zones
with varying levels of security, but there are still boundaries.

The first third of the talk is very general about all the reasons
that the idea of a clear perimeter isn’t realistic any more. There’s
nothing new here for me.

Others say that firewalls just try to guard a perimeter, so firewalls
aren’t important any more. But what firewalls really do isn’t to create
an impenetrable wall that blocks attacks. Firewalls really: reduce
the attack surface; control the variables for troubleshooting;
segment networks from each other; provide useful points of control;
and centralize logging and alerting around logical segments. Thus,
there will be a lot of firewalls in an organization,
creating network segments serving different kinds of users, and
helping manage the overall security.

There are multiple perimeters emerging. There’s the good old
network perimeter, but also application perimeters and mobile

Standalone firewalls are disappearing. There isn’t one gateway
between network segments, but many (including VPN access, protocol-
specific gateways for filtering spam and web content, and intrusion
detection systems). The first firewall has many holes in it, passing
some filtering needs on to these specialized gateways.

The application perimeter doesn’t filter at the network layer, but
at the application layer. Things like SSL VPNs fit here. This
kind of firewall can do a deeper analysis of what information
is passing through it than a network firewall could. The speaker
claims that these firewalls are going to have to be hardware
based to perform acceptably well.

The last IT investment cycle focused on the network. The next one
will focus on applications.

This has not been a very deep talk, but it’s interesting and very
relevant to my needs.


