Of course, saying the Jericho Forum is like the Round Earth theory is extremely self-serving. 
Even the Round Earth theorists weren't proven right until afterword, and even then, someone had to be wrong somewhere. All those other little groups that were wrong we'll never know about. Likewise, Jericho might be like the Triangle Earth theory; they have a theory, but history will forget about them because the theories were largely unimportant and lost.
Not saying that's what I think they are, but that's equally as feasible an end result as being lauded like a Round Earth theorist.
I think the perimeter is still there and will always be there as long as we have competition (i.e. the US) and will always be useful as a grounds for security. But I think we have seen a rightful upsurgence in data and end-point security. None of those three will win out in the end over the other two. There truly must be a mix of the three for any ultimately successful security posture.
I think that's what I don't like the most about the Jericho Forum and some of the defenders. The commandments themselves deal with networking and endpoints as much as the data itself as well. De-perimeterization could be removed from the whole discussion and it wouldn't much change the commandments/framework at all. I think that's been a big misunderstanding that Jericho requires no perimeter, or that this means the network isn't a battleground. It is.
The perimeters are just crossed more porously than they used to be; nothing more. That's natural, and doesn't necessarily mean the perimeter is gone; not at all.
Well, that's a matter of terminology, as Andrew keeps pointing out, and as Rich M pointed out, and as Hoff pointed out, and, er, I think I pointed out somewhere...
A porous perimeter could be argued to be "de-perimeterised". What use is a perimeter defence with holes in it after all?
I would argue that a perimeter with holes in is so ineffective as to make data and "end point" security good enough to exist without it.
Yes, the network is a battleground, I never said otherwise, it's just that we need to get to a point where the end points can be protected in themselves, not relying on imaginary or technical boundaries.
Jericho stuff? What Jericho Stuff?
The perimeter is a state of mind reinforced by the current ability of the technology which we continue to deploy as band-aids to shore it up.
The "network" is a battleground, but what's important is how you chop it up and decide where to attack, where to defend and where to give up.
/Hoff
Goddamn it, I agree with Hoff again.
What's the world coming to?
Network security is analogous to physical security. You can build castles to keep the riff-raff out, but then you need guarded caravans to do business.
As industrialization changed the economic climate and governments took over the function to serve and protect, highwaymen and bandits were hunted down and eliminated, making the caravans safer and the castles unnecessary.
Business network collaboration is in the feudal era, still needing to wrap packets in encryption and building castles to hide in. Until there is some organization that will police the Network and hunt down the criminal element, this is the model.
As time goes by, the Jericho model looks more likely. After all, history repeats itself. And the modern day highwaymen - hackers, phishers, and spammers - would do well to take note of the pattern.
A firewall isn't ineffective because it has openings. If that were the case, my house is ineffective. My network has ALWAYS been ineffective even back in 1980. Almost every measure of our security (in any context, physicaly or digital) is ineffective.
That's not a good reason, to me. And it does not follow, then, that the perimeter is going away...
And I don't agree that the endpoints need to be ultimately resilient and secure in and of themselves any more than I think we should all drive H3 Hummers around so we can be safe on the road...
Commenting by HaloScan
