Popular Posts

Friday 27 August 2010

What is a firewall?

What is a firewall?
A firewall protects your network from unwanted Internet traffic.  The functions of a firewall are to let good traffic pass through while ‘bad’ traffic gets blocked.  The important part is its access control features between good and bad traffic.

Firewall definition
A system or group of systems designed to prevent unauthorised access to a network, a system, or a group of systems.

Packet filtering
-          Examples are routers

Application Proxy
-          SOCKS, Metaframe

Stateful Inspection
- Check Point Firewall-1, Cisco PIX

  • Packet filtering is to filter traffic based on packet content, such as IP address or protocol type
  • Examines a packet at the network layer
  • Delivers good performance and scalability
  • Least secure type of firewall
                
  • Examines all application layers
  • Every client/server communication requires two connections
                  First connection is from the client to the firewall
                  Second connection is from the firewall to the server

  • Provides the highest level of security possible
  • Provides a highly secure solution
  • Maximum performance, scalability and extensibility

When installed, a firewall exists between your computer(s) and the Internet.  The firewall lets you request web pages, download files, chat etc. while making sure other people on the internet can not access services on your computer like file or print sharing.  Some firewalls are pieces of software that run on your computer.  Other firewalls are built into hardware and protect your whole network from attacks.

Every one connected to the Internet should be running some sort of firewall.  Any kind of firewall will keep you safe from these types of attacks.

How firewalls are setup?
They act as a go-between for any two given networks.  Firewalls as filters can be considered for most part to be infallible…but as a security measure?  They can only enforce rules (generally static).

“Crunchy on the outside, but soft and chewy on the inside”.

Firewalls should…..
  • support and not impose a security policy
  • Use a “deny all services except those specifically permitted” policy
  • Accommodate new facilities and services
  • Contain advanced authentication measures
  • Employ filtering techniques to permit or deny services to specific hosts and use flexible and user-friendly filtering
  • Use proxy services for applications
  • Log suspicious activity

What Firewalls can’t do……
  • Protect against malicious insiders
  • Protect against connections that do not go through them (e.g., dial up)
  • Protect against new threats or new viruses
           
Conclusions
  • Shouldn’t for your network either
  • Firewalls are an effective start to securing a network.  Not a finish
  • Care must be taken to construct an appropriate set of rules that will enforce your policy

No comments:

Related Posts Plugin for WordPress, Blogger...