Firewalls

A firewall is a component or set of components that controls access between enterprise and public networks like the Internet. Firewalls are often used in conjunction with virtual private networks (VPNs) to allow secure remote access to a corporate network. Today, more and more firewalls are being implemented within enterprise networks for greater control of internal traffic as well.

A firewall tracks and controls the flow of communication passing through it. Communication may be restricted by source, destination, application, time, day, or a combination of any of these considerations. To reach control decisions for IP-based services, a firewall must obtain, store, retrieve, and manipulate information derived from all communication layers, including the applications themselves. Firewalls are not plug-and-play.

There are three different types of services that are considered firewalls:

  1. Packet filters - These were the first firewalls and are just routers with statically created access control lists (ACLs) for specific layer 3 / 4 addresses. Communication is limited based on source or destination IP addresses.

  2. Application gateways or proxies - These are platforms running firewall software to implement security at the application level.

  3. Stateful inspection systems - These systems look at all communication layers, extract the relevant data, and build connection tables that allow higher performance. Stateful inspection supports a large number of protocols / applications and provides extensibility to new applications.
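The difference between a static ACL (type 1) and a connection table (type 3) is easiest to see on return traffic. The sketch below is an added example, not code from the original page. The addresses, ports, rule layout and the names acl_allows, StatefulFilter and compare are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # "S" = SYN, "SA" = SYN+ACK, "A" = ACK

INSIDE = ip_network("10.0.0.0/24")  # constructed internal range (assumption)
ANY = ip_network("0.0.0.0/0")
# Static ACL: first match wins, default deny.
# Rule layout: (action, src net, src port or None, dst net, dst port or None)
ACL = [
    ("permit", INSIDE, None, ANY, 80),   # outbound web requests
    ("permit", ANY, 80, INSIDE, None),   # blanket rule needed for web replies
]

def acl_allows(p: Packet) -> bool:
    for action, snet, sport, dnet, dport in ACL:
        if (ip_address(p.src) in snet and ip_address(p.dst) in dnet
                and sport in (None, p.sport) and dport in (None, p.dport)):
            return action == "permit"
    return False

class StatefulFilter:
    """Only the outbound policy is static; replies must match a table entry."""
    def __init__(self):
        self.table = set()  # (inside ip, inside port, outside ip, outside port)

    def allows(self, p: Packet) -> bool:
        if ip_address(p.src) in INSIDE:
            if p.dport != 80:
                return False
            if p.flags == "S":  # new outbound connection: record it
                self.table.add((p.src, p.sport, p.dst, p.dport))
            return (p.src, p.sport, p.dst, p.dport) in self.table
        # Inbound: admit only a non-SYN packet that reverses a tracked connection.
        return p.flags != "S" and (p.dst, p.dport, p.src, p.sport) in self.table

# Constructed sample traffic (documentation address ranges).
SYN = Packet("10.0.0.5", 40000, "198.51.100.7", 80, "S")
REPLY = Packet("198.51.100.7", 80, "10.0.0.5", 40000, "SA")
UNSOLICITED = Packet("203.0.113.9", 80, "10.0.0.8", 22, "A")

def compare():
    fw = StatefulFilter()
    return [(acl_allows(p), fw.allows(p)) for p in (SYN, REPLY, UNSOLICITED)]
```

Both filters pass the request and its reply, but only the static ACL passes the third packet, because its reply rule can match on addresses and ports alone. When auditing a packet-filter ruleset, rules of that shape are the ones to review first.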

A firewall is only as good (or bad) as the overall corporate security policy and the configuration of the firewall itself. Firewalls are also slow, as all packets must be examined; today there is no such thing as a wirespeed firewall (except to the WAN).

A firewall can do the following:

  • Be a focal point for security decisions (choke point)
  • Enforce security policy (traffic cop)
  • Log activity (Big Brother watching who you communicate with)
  • Limit your exposure (keep intrusions from spreading)

A firewall typically cannot do the following*:

  • Protect against every malicious insider (many, yes, but not all)
  • Protect against connections that do not go through it (only supports IP traffic)
  • Protect against completely new threats (protects against known threats only; must be constantly updated)
  • Protect against viruses (a firewall can work with virus protection products)

*Continuing developments in firewall technology are adding and combining features, allowing some firewalls to offer services not typically part of the basic firewall.

Copyright © 2001 Infomatek Consulting and Marketing Services