If we accept the premise that the perimeter model of security is eroding and systems are becoming a loosely federated collection of compute power and storage…then will firewalls even exist? Yes, and I don’t see the perimeter going away.

Case in point, Whisper Systems’ new product for Andoid:

Dynamic egress filtering.

When enabled, WhisperMonitor will monitor all outbound network traffic and issue dynamic prompts in order to determine egress filter rules.

Excellent feature. ZoneAlarm was famous for this. Knowing who your device is communicating with seems like an obvious requirement for security controls. However, far too many spend all their time focused on blocking inbound traffic only. Filtering outbound traffic is just as important.

Of course that begs the question of monitoring:

Connection history.

WhisperMonitor optionally records the connection history of the software installed on your device, giving you insight into where it is connecting and how often.

What I can’t find in the WhisperMonitor is the ability to setup zones or profiles, a usual feature of firewalls. It would be excellent to be able to switch between a work mode with egress to a certain set of systems, and a personal or home mode with different egress rules.

That might be something more likely to be found in Juniper Pulse, which allows egress filtering for Symbian S60 devices based on configuration policies (not yet for Android).

Speaking of Pulse, imagine if you could tunnel all traffic from the mobile device back to your home router and then filter it there. That could be handy for those who want to manage and monitor a policy for all their phones — a single shared egress point with a perimeter for all mobile users in a family or group.