Good, but the author forgets to mention the one reason why you should have a desktop firewall, even if the client is connected behind the corporate firewall:
Isolation.
You isolate all other clients in the network from a mobile that may have been exposed to a public or maby a customer network that may have been infected by a worm, virus or trojan.
Whenever that laptop gets plugged back in to the corporate network all hell breaks loose unless you have a second line defense in the form of a clientside firewall.
Isolation.
You isolate all other clients in the network from a mobile that may have been exposed to a public or maby a customer network that may have been infected by a worm, virus or trojan.
Whenever that laptop gets plugged back in to the corporate network all hell breaks loose unless you have a second line defense in the form of a clientside firewall.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/infocus/1867/585#585