Monday, 12 February 2007

Not Your Father's TCP/IP Stack

I sometimes hear of people talking about controlling TCP and UDP ports, as if that is the battleground for network access in 2007. Reality check -- that hasn't been true for years, unfortunately. Boy, I miss those days -- the days when defined applications used defined ports and blocking all but a few meant understanding the applications permitted in the enterprise. The Cisco IPJ article Boosting the SOA with XML Networking reminded me with this excellent diagram.

Those days are long gone, thanks to security monstrosities like those depicted next.

My gut tells me that when I see a bunch of terms squashed into one box, it's going to be a mess to understand, inspect, and control. I expect to hear from the development crowd that XML-fu is God's gift to the Green Earth, but it will take a miracle for me to believe that Everything-over-HTTP-over-port-80-TCP is a "good idea." We've got 65535 TCP ports to use and the whole world is collapsing onto one. Argh.

Incidentally, kudos to Cisco for publishing IPJ in such a Web-friendly format, as well as sending free printed copies.
