5.8. Monitoring
Many people assume that a firewall is a “fit it and forget it” option; however, this is not the case. You should assume that a firewall-protected network is still vulnerable, although you can reasonably expect that attacking it will take more time.
To further improve the security of a network, you should arrange for continuous monitoring of activity passing through the DMZ. The idea is that if someone tries to break into your network, you have a chance of noticing the attempts before they are successful, and therefore you have an opportunity to protect whatever it is they try to attack. In many cases, that opportunity might be simply to pull the plug on your main Internet connection point for a while.
If you have to look at every ...
Get Sun Certified Enterprise Architect for J2EE™ Technology Study Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
