[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ipsec vs. firewalls
Phil
I've been a quiet listener in the background but in reference to your
remark:
> (rising to the bait) Firewalls are dead. Get used to it. :-)
It's nice to hear someone else say that! I have been carrying them as
"dead technology" in our architecture for the last two years and telli
ng
our vendors the same thing. They are "dead" and we need completely ne
w
concepts for security here.
This becomes completely apparent when you start to design security for
multi-gigabit links and the top-of-the-line firewalls pass maybe 100
megabits on a good day with tailwind!
That's the easy thing to fix -- throw silicon at the problem. While,
as I indicated earlier, I don't think firewalls are dead, I whole-
heartedly agree that current corporate-scale firewalls are dinosaurs.
But the problem is connectivity patterns, not speed.