sql server programming: Hi all,


Some sources like www.techieindex.com saying "Firewalls
are necessary tools, but they are not the core of
information security. You need to concentrate on a
holistic security architecture. Security shouldn't be
added to an enterprise; it must be woven into the fabric
of the application". Aren't firewalls enough for
information security?

All a firewall does is to block all network traffic through the device, you
allow your own traffic/public traffic by opening up ports, protocols and/or
IP ranges.

IMHO, a firewall is like the gate to your drive, you still need to lock your
house door in case somebody gets over the fence or your trusted gardener
decides to steel your Ferrari.

You still need a login/password strategy, for instance, Windows does strong
passwords that combat people just using a password of say 'secret', its also
daft to have your password reflect the current month etc... all can be guest
easily. Renaming admin accounts, long user names etc... are all part of a
security architecture.

Then there is disaster/recovery - you must always back things up and make
sure those backups work - all too often people rely on tape media that
simply isn't that reliable - consider the new external harddrives which can
be easily connected/disconnected to/from your server via firewire or USB;
they offer a) more reliability compared to tape media; b) faster
access/transfer speed; c) more compact and d) cheeper.

Tony.

--
Tony Rogerson
SQL Server MVP
http://www.sqlserverfaq.com?mbr=21
(Create your own groups, Forum, FAQ's and a ton more)

Can't remember the exact figure, but something like 40-60% of all computer
crime is done by internal people, i.e. people who already have access to
your network. Firewalls only help against people who are outside your
network.

--
Jacco Schalkwijk MCDBA, MCSD, MCSE
Database Administrator
Eurostop Ltd.


[quoted text, click to view]

Agreed. Also remember that the only secure firewall is to have your
organization disconnected from the internet. If you can get email, or ftp,
or any internet traffic in and out, then a hacker can do the same thing.
Don't forget that a lot of those guys have way too much time on their hands
:)

--
----------------------------------------------------------------------------
-----------
Louis Davidson (drsql@hotmail.com)
Compass Technology Management

Pro SQL Server 2000 Database Design
http://www.apress.com/book/bookDisplay.html?bID=266


[quoted text, click to view]

[quoted text, click to view]

What if you don't have a Ferrari?

--
Tibor Karaszi, SQL Server MVP
Archive at: http://groups.google.com/groups?oi=djq&as ugroup=microsoft.public.sqlserver


[quoted text, click to view]
<snip>

[quoted text, click to view]

In that case the trusted gardener will probably nick your Mercedes ;-)

--
Jacco Schalkwijk MCDBA, MCSD, MCSE
Database Administrator
Eurostop Ltd.


"Tibor Karaszi" <tibor.please_reply_to_public_forum.karaszi@cornerstone.se>
[quoted text, click to view]