The Internet Firewall: R.I.P.?

The article does seem to focus more on enterprise firewalls (providing connection filtering for corporate networks) rather than personal firewalls. Indeed, personal firewalls arguably become more important for companies whose workers connect from outside the corporate intranet.

This does make sense when you consider the increasing use of stealth in malware. It is hard enough for a resident personal firewall to detect the latest trojans using rootkit techniques - for a corporate firewall that can only see IP addresses and port numbers it would be next to impossible.

 

From the article:

Unless I'm missing something, this doesn't quite make sense. I'm assuming he means sandboxed or virtual operating systems for the user terminals, with the virtual systems networked instead of the actual physical systems? That would be a pretty good defense against rootkit based malware, but less effective against more conventional malware running on the virtual system itself. If the virtual systems are handling the data, they'll need virtual security packages to prevent trojans from harvesting passwords and voiding the encryption. If the virtualization system itself was ever compromized, such a setup would be horribly vulnerable.

I also find it very questionable not protecting their data with some form of firewall and relying strictly on encryption to secure it. Encryption might stop someone from accessing it but wouldn't stop someone from corrupting or deleting it.

Another thing that would concern me about allowing access to the encrypted data is the huge botnets now in existence. If the criminal organizations controlling them ever harness their combined power to attack encryption, a lot of it will fail. The odds of brute force attacks succeeding are much higher with that kind of power behind them.
Rick

 

A 90 degree swing and reason for a new book?
____________________

Do we really need a firewall (R.I.P.),.. ask me after full implimentation of IPV6.

 

Yes, I said in another thread recently that I believe the days of stand alone software personal Firewalls is numbered. I believe it will be add on to a suite of other security products only. We are pretty much there now. Little advertising dollars will be spent touting the firewall. No long top draw in security. It very well may fade away but not for awhile yet. As Paranoid said large networks yes, but single PC....

 

You have something. Just look at the available products for Vista. Mostly suites but very few stand alone firewalls. Meanwhile even the XP selection of stand alone firewalls shrinks as the firewall authors are bought up to incorporate their technologies in suites.

 

This is interesting. Since I have been a suite P ) person for the past few years and I haven't noticed this.

I don't know how many stand-alone FW companies were absorbed by bigger security companies (such as the acquisition of Sygate by Symantec) but this is also a factor.

Even Symantec does not offer a stand-alone firewall anymore for the home user (they do offer businesses Symantec Sygate Enterprise Protection).

 

That is more likely due to the significant changes in networking under Vista (a completely new network subsystem, with IPv6 support) which in turn requires major changes to most firewalls.

As for stand-alone firewalls, they are very much a requirement but due to more sophisticated malware (and leaktest techniques) most are morphing into more general "process/network control" packages, covering areas like interprocess communication and privileged system access. The challenge here is providing such features in a way that doesn't overwhelm the average (or advanced!) user.