F21 System Wide Change: Workstation: Disable firewall

Russell Doty rdoty at redhat.com
Tue Apr 22 17:22:07 UTC 2014


On Tue, 2014-04-22 at 19:01 +0200, Miloslav Trma─Ź wrote:
> 2014-04-22 13:40 GMT+02:00 Stephen Gallagher <sgallagh at redhat.com>:
>         3) Recovery and auditing are more important than prevention.
> 
> This is only true for large managed enterprises, where recovery is
> possible in the first place (how many people don't have good
> backups?), and prevention is bordering on impossible (with the high
> number of systems and administrators).  For individual users auditing
> is completely pointless, recovery is either impossible or a huge
> hassle, and prevention the only option.
Well, the presentation was focused on enterprise systems...

But there were some underlying themes:

* Users will work around anything, including security features, that
interfere with them doing their job.

* It is impossible to completely secure a system. A prevention only
approach doesn't work well.

* An effective security model is built around Deter, Detect, Delay,
Respond, Remediate.

* Security is one of multiple threats to system integrity. 

Russ
> 
>     Mirek
> 
> 
> 




More information about the devel mailing list