DoD is building a security architecture that will eliminate firewalls in the future

Hawaii Bob, security consultant and good friend, sent me a link to this article and a question:

DISA Eliminating Firewalls – http://www.afcea.org/content/?q=node/11248

The question: Can they be serious?

Bob and I discussed this with Pete Herzog, who pointed out that likely what they’re talking about is some version of the Moebius Defense. Pete’s big on “Defense in Width” over “Defense in Depth,” which I’m still struggling to understand, but about which various American intelligence organizations have been inquiring.

A Moebius strip is a strip of paper, twisted and joined at the ends. If you take a pencil and start on the “outside” of the strip and draw a line all the way around, you’ll eventually close the line – because there is now only one “side” to that strip of paper.

Applied to cyber security, it implies that if you start on the outside you stay on the outside, and vice-versa for the inside. There’s not way to “get there,” at least to the “inside.” How exactly this works, as I say, is still beyond me, but I’m going to be pestering Pete and the big heads at ISECOM a lot about this. If I can figure it out I’ll let you know….

***