- The Methodical Approach and the Need for a Methodology
- Firewalls, Security, and Risk Management
- How to Think About Risk Management
- Computer Security Principles
- Firewall Recommendations and Definitions
- Why Do I Need a Firewall?
- Do I Need More Than a Firewall?
- What Kinds of Firewalls Are There?
- The Myth of "Trustworthy" or "Secure" Software
- Know Your Vulnerabilities
- Creating Security Policies
- Defense in Depth
Do I Need More Than a Firewall?
Yes, always, without a doubt, you need more than a firewall. You will need tools to help you harden your system, to check the integrity of your files, binaries and drivers, intrusion detection and prevention tools, patch management technologies, and penetration testing tools. Sometimes you might even need military grade cryptography, security policies to describe what users can and cannot do, training for those users, and above all else, a certification program and even a risk management plan. A firewall is never enough by itself.