A firewall cannot deal with internal network attacks
A firewall is a perimeter security device, and a perimeter security device is only good at protecting the internal network from external attack. That means that if an intrusion originates from the internal network, the traffic never crosses the perimeter, and the firewall cannot deal with it.
Statistics show that most network attacks on an organization come from internal employees, and hence most likely originate inside the internal network. A firewall cannot handle this kind of network attack.
To complement the firewall's limitation in dealing with internal network attacks, we need other devices such as an Intrusion Detection System (IDS), and of course other common security measures in areas like physical security.
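The point above, that a perimeter firewall only ever sees flows crossing the perimeter while an internal sensor is needed for host-to-host traffic inside the network, can be shown with a small classifier over flow records. This is an added example, not code from the original post or from any IDS product; the internal address ranges, the flow records and the port-count threshold are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed assumption: the address space this hypothetical organization treats as "internal".
INTERNAL_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def is_internal(addr):
    """True if the address falls inside one of the internal prefixes."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def crosses_perimeter(src, dst):
    """True if exactly one endpoint is internal, i.e. the flow passes through
    the perimeter and is therefore the kind of traffic a firewall can inspect."""
    return is_internal(src) != is_internal(dst)


def partition_flows(flows):
    """Split flow records (src, dst, dport) into those a perimeter firewall sees
    and those that stay entirely inside the internal network."""
    firewall_visible = [f for f in flows if crosses_perimeter(f[0], f[1])]
    internal_only = [f for f in flows if is_internal(f[0]) and is_internal(f[1])]
    return firewall_visible, internal_only


def detect_internal_port_scans(flows, threshold=10):
    """Simple internal-sensor rule: an internal host touching many distinct
    ports on another internal host. These flows never reach the perimeter,
    so only an IDS placed inside the network can raise this alert."""
    ports_seen = defaultdict(set)
    for src, dst, dport in flows:
        if is_internal(src) and is_internal(dst):
            ports_seen[(src, dst)].add(dport)
    return sorted(
        (src, dst, len(ports))
        for (src, dst), ports in ports_seen.items()
        if len(ports) >= threshold
    )


# Constructed sample flows: two perimeter-crossing flows, one ordinary internal
# flow, and one internal host probing twelve ports on another internal host.
SAMPLE_FLOWS = [
    ("10.0.1.5", "203.0.113.10", 443),   # internal -> external, firewall sees it
    ("198.51.100.7", "10.0.1.20", 22),   # external -> internal, firewall sees it
    ("10.0.3.3", "10.0.2.9", 80),        # internal -> internal, firewall blind
] + [
    ("10.0.1.5", "10.0.2.9", p)
    for p in (21, 22, 23, 25, 80, 110, 135, 139, 143, 443, 445, 3389)
]


if __name__ == "__main__":
    visible, internal = partition_flows(SAMPLE_FLOWS)
    print(f"flows the perimeter firewall sees: {len(visible)}")
    print(f"flows that never leave the internal network: {len(internal)}")
    for src, dst, count in detect_internal_port_scans(SAMPLE_FLOWS):
        print(f"ALERT internal scan: {src} -> {dst} on {count} distinct ports")
```

Running it reports that only 2 of the 15 flows ever cross the perimeter; the 12-port probe from one internal host to another is invisible to the firewall and is caught only by the internal rule, which is exactly the gap the post says an IDS is there to fill.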
August 24th, 2006 at 1:59 pm
Dave…
Interesting topic… I’m working in this industry myself and I don’t agree about this in 100%, but I added your page to my bookmarks and hope to see more interesting articles in the future…
From Damen..
Dave, Glad to know you. Yes, feel free to leave further comments to this post or other posts in this blog 🙂
January 30th, 2011 at 3:44 pm
I’m working for a company in the IT department and I’m very interested in your point of view. You say “other common security measures in areas like physical security.” What do you mean by that?
May 26th, 2012 at 11:04 pm
Physical security implies security objectives that prevent people from maliciously accessing your computing equipment physically. So it is beyond what a firewall can do, as the attack is not coming from the data network connections, etc.