Definition of Firewalls
What is a firewall?
A firewall is a piece of hardware or software that operates in a networked environment to block communications forbidden by the security policy, analogous to the function of firewalls in building construction. Its basic task is controlling traffic between different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust).
Firewalls
Achieving Defense-in-Depth with Internal Firewalls
A single firewall at the Internet gateway is no longer sufficient. Currently there is a trend toward more and more outside access to the enterprise network by employees, partners, customers, and suppliers. In addition, attackers are becoming more sophisticated. A sound security perimeter today requires more than a single firewall connected at the Internet router. By segmenting the network with multiple firewalls, we can achieve the holy grail of network security - Defense-In-Depth.
Read the Article
Protecting the Next Generation Network - Distributed Firewalls
Corporate networks are constantly changing to meet the needs of businesses and continue to expand in ways that we couldn't have imagined only a few years ago. Gone are the days of a closed network with one external point of access. With the expansion of high-speed Internet access via DSL and cable modems, users can now work from home using VPNs. Many companies are expanding their networks even further with wireless technology, allowing access for devices that aren't even physically connected to the network. Suddenly the networks with one or two points of access now have multiple points of access that can change from day to day.
Read the Article
Disconnect from the Internet - Whale's e-Gap In-Depth
While firewalls are a critical part of today's externally-connected networks, their weaknesses have been revealed time and time again. Some of the world's most widely implemented firewall systems, including Check Point's FireWall-1, Cisco's PIX, NAI's Gauntlet, and Axent's Raptor, have had serious vulnerabilities exposed in recent history, and all of these could be exploited remotely by a malicious party in order to gain access to the backend systems. These vulnerabilities were able to exist because of three fundamental design flaws that all firewalls have: a) they all speak TCP/IP, a protocol fraught with inherent vulnerabilities; b) they all connect both the DMZ and internal network in the same way that a router does; and c) holes must be created to allow network traffic to flow through to the inside.
Read the Article
Application Level Content Scrubbers
Securing an organization's content servers (be they web, file or mail servers) was at one time the primary domain of packet filtering routers. As the Internet became the mainstream medium it is today, the attackers and their attacks became more sophisticated; packet filters were no longer suitable and the perimeter defenses evolved towards session awareness, the current benchmark technology being stateful inspection, which understands not only sessions but also the basics of an application protocol (e.g. Firewall-1 understands how an FTP session should be set up). Firewalls clearly excel at keeping undesirable traffic from getting in and allowing acceptable traffic out. Unfortunately, firewalls do not excel in the e-business and content delivery environments that most organizations are interested in protecting. This is because firewalls were originally created for the express purpose of blocking external access while still allowing internal users out.
Read the Article
Comparison Shopping for Scalable Firewall Products
No network designer worth their salt would dream of purchasing a router or switch without demanding benchmark test results on throughput and subscription rates. After all, routers and switches represent choke points on the network where over-subscription can reduce a gigabit backbone to a 10 Mbps crawl due to failed connections or latency caused by re-transmission of lost packets. A really poorly chosen exterior router or switch can even cause a cascade failure of the entire network by propagating, or failing to contain, broadcast storms. At best, an over-subscribed exterior device will choke Internet connections and waste money paid for expensive bandwidth.
Read the Article
Using Open Source to Create a Cohesive Firewall/IDS System
Defense in Depth is a basic concept, wherein the defender seeks to apply designated, concentric layers of defense in an effort to detect and deter an enemy. Attackers are faced with breaking through or bypassing each layer without being detected, a difficult task. Another benefit is that a flaw in one layer can be covered by other layers, thus mitigating a mistake in the implementation of a particular layer of defense. There are many components that make up the defensive layers: IP firewalling, TCP Wrappers, application access control, intrusion detection, encryption and many more. In this paper I will be discussing what are arguably the two main components of the layered defense, a firewall and an intrusion detection system. More importantly, I will show how to use existing open source technologies to combine these into a comprehensive whole that, while not providing a total solution, can go a long way in fulfilling the defense in depth strategy.
Read the Article
Private Internet Exchange: The Fastest Firewall in the World?
There are now numerous firewalls available on today's market, with a wide array of speeds, strengths and weaknesses. The limitations are based on an engineer's ability to discern the needs of the client and/or model and provide the correct product choice, followed by proper deployment, configuration and management. Without proper implementation, maintenance and follow-up, no firewall is invincible.
Read the Article
What is Egress Filtering and How Can I Implement It?
This paper discusses the benefits of performing egress filtering on each of your border routers. As we will see, egress filtering is not only beneficial to your own network, but to the rest of the Internet as well. This is because egress filtering makes your network far less appealing to attackers who are trolling for potential relay sites. What is egress filtering? To discuss egress filtering, let's start by mapping the flow of traffic for a typical site that is connected to the Internet. This is shown in Figure 1. Note that we have an internal network as well as a service network, both of which are protected by a firewall. All outbound connection attempts pass through the firewall and the border router on their way to the Internet.
Read the Article
Securing Systems with Host-Based Firewalls - Implemented With SunScreen
This article discusses how host-based firewalls can be an effective alternative to choke-point based firewalls to provide an additional layer of security in an environment.
Read the Article
Change Control Process for Firewalls
A critical but frequently glossed-over part of security practice is Change Control (CC). This is the process of implementing change while controlling its environmental impacts. This paper covers the fundamentals of Change Control and its procedures as they apply to the management of firewalls. Using careful process and planning, it is possible to reduce the risks associated with changes, thereby minimizing the likelihood of detrimental impacts on business operations.
Read the Article