Firewalls
A firewall is a hardware or software solution
implemented within the network infrastructure
to enforce an organization's security policies
by restricting access to specific network resources.
In the physical security analogy, a firewall
is the equivalent to a door lock on a perimeter
door or on a door to a room inside of the building
- it permits only authorized users, such as
those with a key or access card, to enter. Firewall
technology is even available in versions suitable
for home use. The firewall creates a protective
layer between the network and the outside world.
In addition to protecting trusted networks from
the Internet, firewalls are increasingly being
deployed to protect sensitive portions of local
area networks and individual PCs. The firewall sits
inline at the point of entry, so every packet between
the two sides must pass through it; it forwards
authorized traffic with little added delay, while its
filters drop traffic that the policy does not permit
or that looks dangerous before it reaches the
protected systems. It also logs blocked connection
attempts and other suspicious activity and can alert
the network administrators.
Organizations around the world are embracing
the Internet and Internet technologies to forge
new and profitable business relationships. Firewalls
help organizations balance the openness of the
Internet with the need to protect the privacy
and integrity of sensitive business communications.
Historically, three different technologies have
been used to implement firewalls: Packet Filters,
Application-Layer Gateways and Stateful Inspection.
Packet Filters - Packet filters, usually
implemented on routers, filter traffic based
on header fields such as source and destination
IP address, protocol, and port numbers. They
examine each packet in isolation at the network
and transport layers and are application independent,
which allows them to deliver good performance and
scalability. They are the least secure type of
firewall, however. Because each packet is judged on
its own, a packet filter cannot tell a reply to a
connection an inside host opened from an unsolicited
packet crafted to look like one; it must therefore
admit broad classes of inbound traffic, or rely on
header bits such as the TCP ACK flag that any sender
can set, and it has no view of the application
protocol carried in the payload.
Application-Layer Gateway - Application
gateways improve on security by parsing the
application protocol itself (for example, validating
HTTP requests or FTP commands), bringing context
information into the decision process. However, they do
this by breaking the client/server model. Every
client/server communication requires two connections:
one from the client to the firewall (which acts
as a "proxy" for the desired server)
and one from the firewall to the (actual) server.
In addition, every application protocol requires
its own proxy, making scalability and support for new
applications a problem.
Stateful Inspection - Stateful Inspection
addresses the limitations of the previous two
approaches without breaking the client/server
model. It tracks each connection passing through
the firewall (for example, the TCP handshake, or a
UDP request and its expected reply) in dynamic state
tables and admits an inbound packet only if it belongs
to a connection the policy has already permitted, so
unsolicited packets are dropped even when their headers
look like replies. It also extracts the application-layer
information needed for security decisions, such as the
data-channel port negotiated inside an FTP control
session, and records it in the same tables for
evaluating subsequent connection attempts. Because it
does not proxy each connection, it offers a good balance
of security, performance, and extensibility; it does
not, however, validate application protocols as
thoroughly as a dedicated proxy, so protocols that
need deep inspection are often handled by combining
stateful inspection with application gateways.
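The following simulation illustrates the three decision models described above. It is an added example, not code from the original article: the Packet type, the address plan (10.0.0.0/24 is the trusted LAN, 10.0.0.5 publishes HTTP on port 80), the allowed-method policy and every sample packet are constructed for the demonstration. The same six packets are run through a stateless packet filter, a stateful filter with a connection table, and an application gateway that additionally parses the HTTP request line; the unsolicited "ACK scan" packet and the disallowed or non-HTTP requests show where each model stops.

```python
"""Packet filter, stateful inspection and application gateway, simulated.

Added example, not code from the original article. The Packet type, the
address plan (10.0.0.0/24 is the trusted LAN, 10.0.0.5 publishes HTTP on
port 80) and every sample packet below are constructed for this demo.
"""
from __future__ import annotations
from dataclasses import dataclass
from typing import Optional

INSIDE_PREFIX = "10.0.0."          # assumed trusted LAN
WEB_SERVER = ("10.0.0.5", 80)      # assumed published HTTP service
ALLOWED_METHODS = {"GET", "HEAD"}  # assumed gateway policy


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    flags: frozenset = frozenset()  # TCP flags, e.g. frozenset({"SYN"})
    payload: bytes = b""


def inside(ip: str) -> bool:
    return ip.startswith(INSIDE_PREFIX)


def outbound(p: Packet) -> bool:
    return inside(p.src) and not inside(p.dst)


class PacketFilter:
    """Stateless: each decision uses this packet's header fields only."""

    def allow(self, p: Packet) -> bool:
        if outbound(p) or (p.dst, p.dport) == WEB_SERVER:
            return True
        # Replies to inside clients must get back in somehow. Without
        # connection memory the only clue is the ACK flag, which any sender
        # can set, so this rule also admits unsolicited "ACK scan" packets.
        return "ACK" in p.flags and p.dport >= 1024


class StatefulFilter:
    """Remembers connections opened from inside; inbound traffic is admitted
    only if it is the reverse of one of them or goes to the published
    service (simplified: the service is open to all inbound packets)."""

    def __init__(self) -> None:
        self.connections: set[tuple[str, int, str, int]] = set()

    def allow(self, p: Packet) -> bool:
        if outbound(p):
            if p.flags == frozenset({"SYN"}):          # new connection
                self.connections.add((p.src, p.sport, p.dst, p.dport))
                return True
            return (p.src, p.sport, p.dst, p.dport) in self.connections
        if (p.dst, p.dport) == WEB_SERVER:
            return True
        return (p.dst, p.dport, p.src, p.sport) in self.connections


class ApplicationGateway(StatefulFilter):
    """Adds application awareness for the published service: the HTTP
    request line is parsed and only configured methods pass. A real gateway
    does this as a proxy (one connection from the client, a second to the
    server); here that is collapsed to a payload check on the packet."""

    def allow(self, p: Packet) -> bool:
        if (p.dst, p.dport) == WEB_SERVER and p.payload:
            return http_method(p.payload) in ALLOWED_METHODS
        return super().allow(p)


def http_method(payload: bytes) -> Optional[str]:
    """Method token of an HTTP request line, or None if it is malformed."""
    line, _, _ = payload.partition(b"\r\n")
    parts = line.split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    return parts[0].decode("ascii", errors="replace")


def decisions(fw, packets: list) -> list:
    """Run one firewall over a packet sequence in order (state carries over)."""
    return [fw.allow(p) for p in packets]


# Constructed sample traffic, in arrival order.
SYN, SYN_ACK, ACK = frozenset({"SYN"}), frozenset({"SYN", "ACK"}), frozenset({"ACK"})
TRAFFIC = [
    Packet("10.0.0.20", "203.0.113.9", 51000, 443, SYN),      # client opens HTTPS
    Packet("203.0.113.9", "10.0.0.20", 443, 51000, SYN_ACK),  # legitimate reply
    Packet("198.51.100.7", "10.0.0.20", 443, 3389, ACK),      # unsolicited ACK scan
    Packet("198.51.100.7", "10.0.0.5", 40000, 80, ACK, b"GET /index.html HTTP/1.1\r\n"),
    Packet("198.51.100.7", "10.0.0.5", 40001, 80, ACK, b"TRACE / HTTP/1.1\r\n"),
    Packet("198.51.100.7", "10.0.0.5", 40002, 80, ACK, b"\x16\x03\x01garbage"),
]

if __name__ == "__main__":
    for name, fw in [("packet filter", PacketFilter()),
                     ("stateful", StatefulFilter()),
                     ("app gateway", ApplicationGateway())]:
        print(f"{name:14} {decisions(fw, TRAFFIC)}")
```

Run stand-alone, the packet filter admits all six packets, including the ACK scan against 10.0.0.20:3389; the stateful filter drops the scan because no inside host opened a connection to 198.51.100.7; the gateway additionally drops the TRACE request and the non-HTTP payload sent to the web server, which neither of the header-only models can see.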