Firewall Firestorm

4:30 PM -- It looks as if the vendors who put together the Interop network had a little tiff about who protected whom from what.

Following its May 4 press release titled "3Com Security Solution Identifies and Prevents Slammer Worm from Spreading on Interop's Network: TippingPoint Blocks What Juniper Security Products Miss," network vendor 3Com Corp. (Nasdaq: COMS) did a bit of backpedaling.

It issued a follow-up release on May 10. Here are some highlights:

At the request of Juniper Networks, 3Com today provided additional insight into the network configuration of the InteropNet Event Network (eNet)... 3Com has learned that while its TippingPoint Intrusion Prevention System (IPS) did in fact block more than 20 severe network attacks that could have brought down the tradeshow's voice network, the attacks were not missed by a perimeter firewall. The firewall protecting the voice network was intentionally turned down to allow the network to operate more efficiently during its configuration... The general premise of the release remains accurate, particularly regarding the need for implementing robust security solutions, not point products, however, we regret if the mischaracterization of the network architecture led to any negative implications about other vendor solutions, specifically Juniper Networks.

What have we learned? Apparently it's not nice to insult another vendor's firewall at a show that highlights interoperability. More interesting, though is that this is an example of security gear vendors openly admitting there's a significant tradeoff between performance and protection, so maybe high-speed networks aren't ever really as safe as we hope they are.

— Phil Harvey, News Editor, Light Reading

Sign In