Lisa Yeo is a systems analyst with the Legislative Assembly Office in Edmonton, Alberta, Canada. Her start in security came in 1997 when she was made responsible for managing a corporate firewall.
Since that time, she has acquired the Global Information Assurance Certification Security Essentials and Windows certifications. Lisa currently sits on the GIAC Windows Board.
How did you gain interest in computer security?
I inherited responsibility for the corporate firewall at my current employer. In an attempt to learn more about protecting our systems, I attended a SANS conference in 1999. From there my interest in the subject area just took off.
How long did it take you to write “Personal Firewalls for Administrators and Remote Users“? Any major difficulties?
Longer than I thought it would. From the time I started the first outline to the time I submitted the last section, about 10 months had passed. We still had some copy editing to do after that.
The biggest difficulty was overcoming my own fears. Writing is really outside of my comfort zone; I’m a mathematician by training. I found that the key was to just write stuff, no matter how awful, and edit it later. It’s always easier to make changes once you have made a start.
What can users do to choose a firewall that is right for their needs?
The most important thing is that you know your needs. After that, you find the product that stops everything else.
It’s important to be honest with yourself about how much work you’re willing to do to set up and maintain your product. There is no point in getting a super-sophisticated and flexible product if you’re going to turn off most of the features because you don’t understand how they work.
Which personal firewalls would you recommend to our readers?
I’m a recent convert to Kerio Personal Firewall–I particularly like its interface. I think that my experience with the corporate firewall, though, really influences my opinion on Kerio; some novice users would probably find it less intuitive than most of the commercial products like ZoneAlarm or BlackICE.
In a linux world, you really can’t go wrong with iptables. Free, lots of flexibility, and it does a really good job. It can be a bit of work to wrap your mind around how it works. But then Linux users like to do that, right?
In your opinion, how important is a firewall in the overall security architecture?
I’ve heard it said that firewalls aren’t necessary at all–just disable any services you don’t use. I believe that’s easier said than done; how many people actually know what services they need on a Windows box?
Since we can’t expect even the most security-aware users to be able to (or even want to) disable unnecessary services, patch regularly, and monitor usage, a firewall plays an important role in protecting your computers and networks. It’s wrong to think that a firewall will protect you from everything, though. In order to do anything useful on the Internet, you have to open up holes in your firewall and those holes leave you vulnerable.
What are your future plans? Any exciting new projects?
I don’t know about exciting, but I’ve started my MBA. That’s going to take up all my free time for the next few years. In the future, I hope to move into security management. Maybe someday CSO’s will get respect.
What is your vision for firewalls in the future?
When it comes to personal firewalls, I suspect they’re going to have become as easy to use as anti-virus software. I think the average user would rather let someone else worry about keeping their computer secure by updating rules and signatures. Of course, there will always be some of us who want to control their own systems, so there will always be options like iptables.