F21 System Wide Change: Workstation: Disable firewall
rdoty at redhat.com
Tue Apr 22 17:22:07 UTC 2014
On Tue, 2014-04-22 at 19:01 +0200, Miloslav Trmač wrote:
> 2014-04-22 13:40 GMT+02:00 Stephen Gallagher <sgallagh at redhat.com>:
> 3) Recovery and auditing are more important than prevention.
> This is only true for large managed enterprises, where recovery is
> possible in the first place (how many people don't have good
> backups?), and prevention is bordering on impossible (with the high
> number of systems and administrators). For individual users auditing
> is completely pointless, recovery is either impossible or a huge
> hassle, and prevention the only option.
Well, the presentation was focused on enterprise systems...
But there were some underlying themes:
* Users will work around anything, including security features, that
interfere with them doing their job.
* It is impossible to completely secure a system. A prevention only
approach doesn't work well.
* An effective security model is built around Deter, Detect, Delay,
* Security is one of multiple threats to system integrity.
More information about the devel