John / Patrick,

Very good dialogue (for us security geeks)! I think the relationship between IBM and 3rd party security vendors is the best example of symbiosis found outside of Mutual of Omaha's Wild Kingdom. We need and feed off of each other. Of course, Jim is off having a drink with the flamingos and doesn't really care anyway.

Regards,

Steven W. Martinson, CISSP
NetIQ Corporation
Technical Support Specialist
(Formerly Pentasafe Security Technologies, Inc.)
Look for more details on our website: http://www.netiq.com
Toll Free: 1.888.283.4840
Fax: 1.713.523.6393

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.

-----Original Message-----
Message: 1
Date: Fri, 31 Jan 2003 00:45:46 -0800
From: "John Earl" <john.earl@powertechgroup.com>
Subject: RE: Limiting Client Access - Partial Retraction

> John,
>
> I am invoking the god given right to make a partial retraction of my last
> note...After thinking about the last couple of exchanges over 6 medium-hot
> Buffalo Wild Wings and a beer, I realized...

[jte] It must have been the Buffalo wings.

> I fell into the trap that I HATE falling into and hate when others fall
> into it. That is the trap of speaking as if the word "secure" means the
> same thing to everyone. I did that in all of these posts and I apologize.
>
> So, for my retraction...
> I agree that it is possible to meet the requirements of a "rational"
> security policy by using exit point programs or products.

[jte] I'm feeling a whole lotta love right now. :) Next step is I try to get you to see that exit programs are a natural fit with resource security, Application Only Access, and other security schemes. They provide an important security layer that protects data when application security falls down.

> I still argue that for the highest possible security, object level access
> control is required. In other words, you can't attain the highest possible
> level of security on your system without object level access control. That
> said, it is obviously not everyone's requirement to attain the highest
> possible level of security.

[jte] I can't argue with the first statement. And I will concur with your earlier point that the iSeries makes it easier and less expensive to do really good security than other architectures (which leaves open the question "Why do so few people do it?"). As for the last statement, I still maintain that even people who require the highest possible level of security can't get there overnight. They need a natural migration path to that desired end.

>
> Perhaps I should go back to lurking...:-)

[jte] Please, no. I haven't gotten this fired up about something on the list in months. :-)

jte

--
John Earl | Chief Technology Officer
The PowerTech Group
Seattle, WA 98032
(253) 872-7788 x 302
john.earl@powertechgroup.com
www.powertech.com
--
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page.