Security: Who Invented the Firewall? And, what do they think now?

Who Invented the Firewall?
Dark Reading (01/15/08) Higgins, Kelly Jackson
Numerous computer experts can lay claim to inventing the firewall. Nir Zuk says he developed the technology that is used in all firewalls, and David Pensak claims to have built the first commercially successful firewall. William Cheswick and Steven Bellovin wrote a book on firewalls in 1994 at AT&T Bell labs and built a circuit-level gateway and developed packet-filtering technology, though they do not claim to have invented the firewall. Marcus Ranum says his reputation as inventor of the firewall is just a marketing trick and that David Presotto deserves the credit. Regardless, all of these security experts, along with Jeff Mogul, Paul Vixie, Brain Reid, Fred Avolio, Brent Chapman, and others were associated with the development of firewall technology. Gartner's John Pescatore says Cheswick and Bellovin were the fathers of the network firewall concepts, using packet filtering to deny everything except what is explicitly allowed, while Ranum was the father of DEC SEAL, the first firewall product. Today, some of the firewall's creators are no longer big supporters of the technology. Cheswick, a lead member of the technical staff at AT&T Research, says he has not personally used a firewall since the 1990s. "They are an economic solution to weak host security. I want to see stronger host security," says Cheswick, who adds that firewalls still have a place but are simply another network element. Steven Bellovin agrees. "The firewall as Bill and I described it in 1994 in our book is obsolete," says Bellovin, now a professor of computer science at Columbia University. He says having a guard at the front door when there are thousands of backdoors into a network does not work. "I'm not saying get rid of it at the door. It provides a low-grade access control for low-value resources," Bellovin says. "But the real access control [should be] at the host."
Click Here to View Full Article