The Internet Firewall: R.I.P.?
September 11, 2007
Is the Internet firewall headed for extinction? That was the intriguing subtext to a talk today by William Cheswick, a firewall pioneer. As a researcher at Bell Labs, he wrote an early technical paper on firewalls in 1990, ‘The Design of a Secure Internet Gateway,’ and 1994 (with a second edition in 2003), he cowrote a classic text on the subject, ‘Firewalls and Internet Security.’
I completely agree with this Cheswick’s philosophy - from what I constantly see in large enterprises (particularly Government), Firewalls are put everywhere out of paranoia - mostly causing a large number of headaches…
(Via nytimes.com)
For the last couple of years, though, Mr. Cheswick said he has been experimenting with “Internet skinny-dipping,” which is his colorful phrase for Internet computing without firewalls. It’s worked pretty well so far, he said, and the solutions include excryption by users (which he terms “end-to-end encryption”) and the use of virtual machine software to put programs in what he calls a “secure sandbox.”
In this faster-moving, more open world, the old walled-garden approach to computer security with its firewalls and intranets seems out of step.
“It isn’t the techies that are pushing this change, it is the business,” said Paul Simmonds, the global information security director at ICI, the big chemical company. “This is going to happen as companies pursue greater speed and business value in a digital economy.”
Mr. Simmonds noted that some companies are trying to move workers off corporate intranets and onto the open Internet for their daily work. British Petroleum, he said, has done that with 20,000 of its workers.
For his part, Mr. Cheswick thinks there is still a place for computing behind high-security walls, but he suggests it will be pretty limited eventually. He mentions the FAA air-traffic control network as an example. “I think that should always be a walled garden — there is no reason to expose that network,” he said. “So we may still need some walled gardens.”
See original article here by Steve Lohr.
Comments
Got something to say?