Talking with a Forbes blogger about firewalls

    Date 31 May 2010
    Category Firewalls
    Posted By Alex
    This is the second of two parts of an interview with Daniel Kennedy, MSIA, who graduated from the Master of Science in Information Assurance program in the School of Graduate Studies of Norwich University in 2008. He has recently become a contributor to an interesting, thoughtful and valuable blog at Forbes Online and I interviewed him recently about his new project.

    What do you think your focus will be in the coming months?

    I'm still finding my voice on this Web site, but my primary focus will be on what I think is most missing: fundamental security strategy within companies and its effective execution. I am very much in favor of the capabilities new and innovative products can provide, but I find their implementation in many organizations is haphazard; the products lead the implementation calendar rather than allowing internal teams to find the right products that fit into an overall, strategy that prioritize the rollout of its component parts.

    For example, there are organizations which provide privileged access to all users and have no Web filtering, yet they are asking about high end data leakage protection (DLP) products. Companies may have no patch management and no validation of their anti-virus, yet they want to discuss high end log review security information and event management (SIEM) products. Many companies are not doing intrusion detection at all, doing it in baffling ways, or outsourcing it to providers who aren't actually monitoring anything. In most cases all of these things should be part of a strategy, but more complex projects will only be successful if built on a foundation of getting the basics right.

    The link for this article located at Network World is no longer available.

    LinuxSecurity Poll

    How do you feel about the elimination of the terms 'blacklist' and 'slave' from the Linux kernel?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"112","title":"I strongly support this change - racially charged language should not be used in the code and documentation of the kernel and other open-source projects.","votes":"3","type":"x","order":"1","pct":42.86,"resources":[]},{"id":"113","title":"I'm indifferent - this small change will not affect broader issues of racial insensitivity and white privilege.","votes":"2","type":"x","order":"2","pct":28.57,"resources":[]},{"id":"114","title":"I'm opposed to this change - there is no need to change language that has been used for years. It doesn't make sense for people to take offense to terminology used in community projects.","votes":"2","type":"x","order":"3","pct":28.57,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.