Columns

Firewall Follies

  • September 2002
  • By Simson Garfinkel

The complacency firewalls breed is ultimately more damaging than the computer pirates they keep out.

   

Do you use the Internet at work? I see lots of hands. You may not realize it, but your access to the Net is most likely mediated by some kind of firewall. Companies are spending thousands, even hundreds of thousands, of dollars on these systems-and trust them to protect their networks from snoopers and intruders.

That's a problem, because firewalls often provide a mere illusion of protection. They don't make business systems significantly more secure. And by focusing attention on defending the perimeter, rather than on defending information assets within an organization, firewalls foster lax internal security practices that magnify the damage that insiders can inflict.

What firewalls do accomplish, however, is this: they make the Internet more cumbersome to use. I recently visited a friend's firm in New York and wanted to check my e-mail, so I plugged my laptop into a network jack in an unused office. Access denied: my PC wasn't set up to work with the company's firewall. So instead of reading my e-mail, I occupied myself by sniffing the traffic on the office network and probing for a way out. (Had I been inclined, I could have read everybody else's e-mail-or done real damage.)

Firewalls are simple in concept. A typical firewall consists of a special-purpose computer that has two network plugs. One plug goes to the Internet; the other connects to a company's office network. The firewall is programmed with rules that determine what traffic is allowed to pass and what is to be blocked. For example, a firewall might be set up to allow managers in human resources to browse the Internet, or to access their desktop PCs from home, while permitting people in the corporate call center only to access their e-mail. The better firewalls log everything that moves across the boundary, giving companies a powerful tool for auditing online activity.

 

To read the entire article you must log in:

Most of our content — all daily news, blogs, and videos — is free. Magazine stories are paid. To read this story, you must have a subscription or you must use a reading credit. Registration to Technology Review is free and entitles registrants to three free reading credits.

Username or REGISTER
Password  
   
 
Advertisement

MAGAZINE

Can We Build Tomorrow's Breakthroughs?

Manufacturing in the United States is in trouble. That's bad news not just for the country's economy but for the future of innovation.

Sponsored Content

Technologies from National Instruments

Adding Data Logging
Log measured data to a file and open it in Microsoft Excel

> Click here for more National Instruments Videos <
Whitepaper

Temperature Measurements with Thermocouples: How-To Guide

This document is part of the “How-To Guide for Most Common Measurements” centralized resource portal. This tutorial provides a detailed guide for measurement and device considerations to take temperature measurements using thermocouples. Get an introduction to thermocouples, which are inexpensive sensing devices widely used with PC-based data acquisition systems. Also review some specific thermocouple examples and learn how thermocouples work and ways to integrate them into a data acquisition measurement system.

View full PDF > Listen to story >
Find us on Youtube

Videos

Meet 2011 TR35 Winner Jesse Robbins

More

Advertisement

Technology Review Lists

TR50

Our list of the 50 most innovative companies, including the following:

First Solar

Joule Unlimited

SpaceX

Amazon.com

More

Advertisement

Facebook

Advertisement