R: [Dshield] "Personal Firewalls" are mostly snake-oil?

F. Millotti fmillotti at glamm.it
Tue Jul 23 15:10:42 GMT 2002


Just a couple of thoughts:

a- it's too late now but... what if the definition "personal firewall"
[P.F.] could be changed into something else?
I notice here, and in several other mailists, that some people are hurt by
the use of the term "Firewall" together with "Personal".
These software appliances are not exactly firewalls, we agree, they just add
a firewall-like protection, because of some basic approach and feature, but
the topology itself is not and cannot be that of a firewall.
So a further question is: does a P.F. do any good? It seems that the
majority here considers this device useful, and -accordingly to some
personal communications I had- also some gurus in this field adopted them.
Useless? maybe too complicate for average user, so there's room to improve,
but not useless.

b- The debate besides the P.F. should also cover another aspect I
haven't -yet- seen here:
who is willing to include in his laptop's carrying bag the smallest
Cisco/Checkpoint/anyone else's firewall?
Assuming that such PCs  may also need to be protected in order to avoid
intrusion and whatever else when they are on the road or at home (but not
behind a FW) what is suggested here to use?
Is nothing better than a P.F.? is any other hardware device available better
than a P.F. for a mobile user?
Who's willing to let tens of millions of users let alone without a P.F. but
possibly connecting back to a corporate (or university) network sometimes?

Comments are welcome,
Francesco





More information about the list mailing list