[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipsec vs. firewalls

To: Dan Stromberg <strombrg@hydra.acs.uci.edu>
Subject: Re: ipsec vs. firewalls
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 10 May 1998 18:42:37 -0400
cc: Marcus Leech <Marcus.Leech.mleech@nt.com>, ipsec@tis.com
In-reply-to: Your message of "Fri, 08 May 1998 10:01:10 PDT." <35533A56.5D9C@hydra.acs.uci.edu>
Reply-To: perry@piermont.com
Sender: owner-ipsec@ex.tis.com

Dan Stromberg writes:
> > The problem is that for a corporate network of any substantial
> >   size, there will *never* be a way to make the interior
> >   crunchy.
> 
> I have to disagree.
> 
> Eventually, I believe it is reasonable to expect that vendors will
> automate patch application, and that patches will be obtained from the
> vendor over the network.

I don't mean to sound nasty here, but in some of the financial
environments I work in integration labs work year round carefully
vetting applications before rollout, and nothing hits the production
equipment without extensive testing. Are you going to tell me that
people who have to be that paranoid lest you call up bitching about
your broker not being able to get a trade done for you are going to
let random vendors automatically change software on their networks?

No way in hell.

Perry

Follow-Ups:

Re: ipsec vs. firewalls

From: Dan Stromberg <strombrg@hydra.acs.uci.edu>

References:

Re: ipsec vs. firewalls

From: Dan Stromberg <strombrg@hydra.acs.uci.edu>

Prev by Date: Re: 3DES
Next by Date: Latest AH/ESP/Arch drafts and changes
Prev by thread: Re: ipsec vs. firewalls
Next by thread: Re: ipsec vs. firewalls
Index(es):
- Main
- Thread