Good Uses for a Firewall
-
Reducing exposure of vulnerable services on hosts you can't
patch because they are:
-
Certified by the FDA for only one particular revision of
software;
-
Old and no longer supported by the vendor;
-
Devices with code in ROM, such as a printer or terminal server;
-
Embedded in a device with a service contract where the service
technician routinely wipes out any custom configuration
-
Protecting a new computer or service while you bring
it up (even if you don't intend it to be firewalled in production).
-
Preventing the spread of worms and exploitation of back-doors.
-
As insurance against misconfigured hosts (defense in depth).
-
Explicitly blocking specific troublesome traffic.
-
Meeting due-diligence security requirements.
-
Limiting access to network-attached printers and devices.
PREV NEXT