Christian, > On Jul 10, 2024, at 8:46 AM, Christian Huitema <huitema@xxxxxxxxxxx> wrote: > > On 7/10/2024 7:58 AM, Phillip Hallam-Baker wrote: >> And when we get to corporate networking, it is very much the same. Every >> customer I have ever had has always wanted a model in which their network >> is separated from the Internet by a moat with clearly defined physical and >> logical access points. > > The "crunchy on the outside" model of security would only work if you could trust every person and every device inside the perimeter, and if there were no uncontrolled bridge to the outside. But in practice you cannot really do that. So ultimately some kid of virus makes it in, roams freely "inside the moat", and you get a ransomware attack or a data dump. It reminds me of the big walls of medieval cities. They might have protected the inhabitants against bandits and raiders, but they certainly did not prevent rats from bringing in the plague. > Yes, and made worse in today world where many devices are mobile. They are used outside, infected, and then brought back in and spread the infection. Bob
