Call me old-school but I firmly believe that adding technology, especially that without a long-term performance history, does not increase security. The presentation uses a lot of rationalizations which stretch the truth a bit. "We" do not let in port 80, that's done by people, using ISA, who are too cheap to buy a second IP address. Some of the "new" suggestions are actually from the old "moat" model, such as moving your public servers outside of the internal network.
In any case, there's also quite a few other presentations archived there. You may want to download/keep copies of the ones you find interesting. The site practice is to only make files available until they're about 6 months of age.
No comments:
Post a Comment