Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I agree that defense in depth is a good idea, but one key factor to consider is cost. Having a basic firewall makes sense, if for no reason other than “documenting” your public services in one place, but many places are either lulled into a sense of complacency or spend inordinate amounts of time managing tons of rules trying to segregate internal hosts, update for every new network app, etc.

It's that latter group which really needs to hear the truth that they should invest in endpoint security instead unless they have a high security threat and enough resources to do both.



Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: