- The Methodical Approach and the Need for a Methodology
- Firewalls, Security, and Risk Management
- How to Think About Risk Management
- Computer Security Principles
- Firewall Recommendations and Definitions
- Why Do I Need a Firewall?
- Do I Need More Than a Firewall?
- What Kinds of Firewalls Are There?
- The Myth of "Trustworthy" or "Secure" Software
- Know Your Vulnerabilities
- Creating Security Policies
- Defense in Depth
Defense in Depth
We can't stress enough the need for Defense in Depth (DID). Computers, software, firewalls, and all the creations of man have one fundamental flaw: People created them, and people are not perfect; people make mistakes. You simply cannot rely on one thing to protect your network and computers. Firewalls are wonderful and powerful tools for protecting systems, but they are neither perfect nor complete solutions for the incredibly wide range of vulnerabilities and threats that modern networks and computers face.