Re: [fw-wiz] Proverbial appliance vs software based firewall

From: Gary Flynn (flynngnat_private)
Date: Tue Oct 15 2002 - 09:27:49 PDT

    Anton Aylward wrote:
    > 
    > On Tue, 2002-10-15 at 00:26, Jared Valentine wrote:
    > >
    > > While it is correct that all security comes down to "software" at some
    > > point, I would argue that hardware is much more secure.  The difference
    > > between the two is that the hardware manufacturer can build off of a trusted
    > > base/OS.  They can look at the OS line by line and strip out everything not
    > > essential for the operating of that firewall.
    
    So could some customers, and they could do it with their specific
    needs in mind.
    
    > I think that you "DON'T GET" Marcus's comment.
    > Hardware in this sense is still software - embedded systems.
    > Nothing in the Gartner paper contradicts that.
    
    Another way of looking at it is the difference between software
    installed and configured by the vendor vs software installed
    and configured by the customer...or maybe even proprietary vs
    open source (sorry, couldn't resist).
    
    The effectiveness probably depends on the needs and capabilities
    of the target market. I'm sure NSA would like the opportunity
    to inspect and tune their own kernel and OS configuration while 
    a small company consisting mostly of web developers would rather 
    leave that chore to the vendor (and therefore trust them with
    their security).
    
    One could make similar arguments either way for "appliance" web 
    servers, mail servers, or other turn-key systems.
    
    -- 
    Gary Flynn
    Security Engineer - Technical Services
    James Madison University
    
    Please R.U.N.S.A.F.E.
    http://www.jmu.edu/computing/runsafe
    



    This archive was generated by hypermail 2b30 : Tue Oct 15 2002 - 09:47:52 PDT