Firewall free security doable, but not ideal

IT pros say it's certainly possible to achieve solid enterprise security without firewalls, as the San Diego Supercomputer Center (SDSC) has done. But that doesn't mean they're about to rip the firewalls from their own environments. Their comments come in response to a story Monday about how the SDSC has suffered only one security breach in a period of almost six years, even though the organization doesn't use firewalls.

At the 2006 USENIX Annual Technical Conference in Boston, Abe Singer, computer security manager for the SDSC's Security Technologies Group, explained that his organization has managed to minimize intrusions through host-based security measures that include a centralized configuration management system; regular and frequent patching; and strong authentication that includes a strict ban on plaintext passwords. Firewall-free security doable, but not ideal

Linked by shanmuga Tuesday, 13th June 2006 2:44AM