Monday, 18 April 2011

Introduction to Firewalls - HND and BSc level

A firewall is a hardware or software solution that enforces an organisation’s security policies, by restricting access to specific network resources. It enforces an access control policy between two networks. The actual means by which this is accomplished varies widely, but in principle, the firewall can be thought of as two mechanisms: one that blocks traffic, and one which permits traffic (rules). Probably the most important thing to recognise about a firewall is that it implements an access control policy.

The network inhabited by the gateway is often called a demilitarised zone (DMZ). The DMZ refers to a part of the network that is neither part of the internal network or directly part of the Internet.

4 general techniques that firewalls use to control access and enforce the site’s security policy:-

  • Service control – determines the type of Internet services that can be accessed inbound or outbound. The firewall may filter traffic on the basis of IP address and TCP port number: may provide proxy software that receives and interprets each server request before passing it on, or may host the server software
  • Direction control – determines the direction in which particular service requests may be initiated and allowed to flow through
  • User control – controls access to a service according to which user is attempting to access it. This feature is typically applied to users inside the firewall. It may also be applied to incoming traffic (requires some form of secure authentication).
  • Behaviour control – controls how services are used – e.g. may filter emails to eliminate spam.

Types of Firewalls
There are two general types of firewalls: application layer firewalls and packet filtering firewalls.

A Bastion host is one which has been identified as a critical strong point in the network’s security. Only services that are considered essential are installed on the bastion host and it operates a secure version of the operating system, making it a trusted system.

Firewall Configurations
There are three common firewall configurations:

  • screened host firewall, single homed bastion; 
  • screened host firewall, dual-homed bastion; 
  • screened subnet firewall.

Firewalls can not protect against attacks that bypass the firewall, disgruntled employees or the transfer of a virus-infected programs.

No comments:

Post a Comment