• GeorgeCopeland - Thursday, January 25, 2018 8:28 AM

    One of the implications of Steve's advice is that if you are a Windows shop, your firewall and external security solution should be based on Linux, and you should invest as necessary to maintain it. If you are a Linux shop, your security should be Windows. Exploiters tend to have expertise in one or the other, rarely both. This one measure will knock out virtually all of the opportunistic exploiters, leaving you to deal only with those who are targeting you. As for having systems around the operation unpatched because nobody knows and everyone is afraid to touch it: this is just unprofessional. Raise your bar.

    Frankly, unless you run a gateway packet inspection service (i.e. something that tries to determine malware intent in protocols), your firewall brand really doesn't matter as long as it is adequately secure. This isn't to say that firewalls aren't important; they are an important layer in security. It's just that they don't protect most systems from attacks, because most attacks will pass through intentionally opened routes in the firewall. Why should an attacker overly care to hack a firewall when you've already opened a route? It's usually not worth the trouble, it often requires a lot of specialist knowledge, and the attack is much more likely to be noticed.