Firewalls and Network Architectures

This is the first chapter of the “Firewalls and Firewall Policy in your Network” series. This guide is intended to provide the framework needed for understanding firewall security solutions.

Many corporations are guarded by firewalls that are designed and used to separate networks with differing security requirements, such as the Internet and an internal network that houses servers with sensitive data.

Corporations should use firewalls wherever their internal networks and systems interface with external networks and systems, and where security requirements vary among their internal networks.

Since one of the primary functions of a firewall is to prevent unwanted traffic from entering a network (and, in some cases, from exiting it), firewalls should be placed at the edge of logical network boundaries.

This normally means that firewalls are positioned either as a node where the network splits into multiple paths, or inline along a single path.

It is rare to place the firewall for a multi-path node after the router because the firewall device would need to watch each of the multiple exit paths that typically exist in such situations. The vast majority of hardware firewall devices contain router capabilities, and in switched networks, a firewall is often part of the switch itself to enable it to protect as many of the switched segments as possible.

Firewall vendors often vary in their terminology for the logical flow of firewall traffic. A firewall takes traffic that has not been checked, checks it against the firewall’s policy, and then acts accordingly (e.g., passes the traffic, blocks it, passes it with some modification). Because all traffic on a network has a direction, policies are based on the direction that the traffic is moving.

For the purposes of this document, traffic that has not yet been checked is coming from the “unprotected side” of the firewall and is moving towards the “protected side.” Some firewalls check traffic in both directions—for example, if they are set up to prevent specific traffic from an organization’s LAN from escaping to the Internet. In these cases, the protected side of the firewall is the one facing the outside network.

Network firewalls are almost always hardware devices with multiple network interfaces; host-based and personal firewalls involve software that resides on a single computer and protects only that computer; and personal firewall appliances are designed to protect a single PC or a small office/home office network.



12 Responses to “Firewalls and Network Architectures”

  1. Steven says:

    What Internet Security Suite do you recommend?

  2. admin says:

    There are some free solutions for personal use to secure your computer, but they are not suites.

    Firewalls
    Checkpoint ZoneAlarm
    Comodo
    Agnitum
    PC Tools Firewall Plus

    Antivirus
    Avira AntiVir ( version 9 at this moment)
    avast! Home Edition (4.8)
    AVG Anti-Virus Free Edition

    Antispyware
    Ad-Aware
    Malwarebytes

    Also many security companies offer on-demand or online malware scanners.

    For paid: I recommend Kaspersky Internet Security Suites because they usually have the best results in AV-Comparatives and VB-Bulletin (computer security test lab).
    Second, I can say the new version of Norton Internet Security 2009, which has a completely rewritten engine, and this edition of the suite is all about performance. Do not buy old versions of Symantec Security Suite because they are system hogs.

  3. Mister M says:

    Do I need internet security software installed on my laptop if connecting to an Ethernet?

  4. admin says:

    Yes. The Internet connection may be protected by a firewall installed in the network you are connecting to, but you will not be protected, especially against viruses and spyware.
    If you don’t want an internet security suite, install at least an antivirus.

  5. Paul says:

    What does “Test of the firewall rules” mean?

  6. admin says:

    Testing of the firewall rules checks whether the security policy is correctly implemented by a set of firewall rules.

  7. Kate says:

    How do you gain management access to a Cisco router?

  8. admin says:

    This can be done in a variety of ways:

    1. Console port
    2. Auxiliary port
    3. Telnet
    4. HTTP and HTTP with Secure Socket Layer (HTTPS)
    5. Secure Shell (SSH)
    6. Simple Network Management Protocol (SNMP)

  9. Karen says:

    Is static and aging password authentication susceptible to eavesdropping attacks?

  10. admin says:

    Yes, it is vulnerable to remote-access connections, such as Telnet, FTP, HTTP, RCP, RSH, and others.

  11. Carlos says:

    What is NAT?

  12. admin says:

    Network Address Translation (NAT) is the translation process used to translate private IP addresses to public ones, and vice versa.
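    As an added illustration of the answer above (example code, not from the article or the commenter), the following toy translation table shows the common port-address form of NAT, in which many private addresses share one public address: outbound flows get a mapping, return traffic is translated back through that mapping, and inbound traffic with no mapping has no private destination. The public address, private hosts and port range are constructed for the example.

```python
"""Added example (not from the page): a toy port-address-translation table.
Addresses, ports and flows below are constructed for illustration."""
from itertools import count

PUBLIC_IP = "198.51.100.1"      # constructed: the translator's public address


class NatTable:
    def __init__(self, public_ip=PUBLIC_IP, first_port=40000):
        self.public_ip = public_ip
        self._ports = count(first_port)   # next unused public port
        self.outbound = {}   # (private_ip, private_port) -> public_port
        self.inbound = {}    # public_port -> (private_ip, private_port)

    def translate_out(self, src_ip, src_port):
        """Private -> public: reuse the flow's mapping or allocate a new port."""
        key = (src_ip, src_port)
        if key not in self.outbound:
            pub_port = next(self._ports)
            self.outbound[key] = pub_port
            self.inbound[pub_port] = key
        return self.public_ip, self.outbound[key]

    def translate_in(self, dst_port):
        """Public -> private: only traffic matching an existing mapping gets a
        private destination; anything else is unsolicited and is dropped (None)."""
        return self.inbound.get(dst_port)


def demo():
    """Walk one flow out and its reply back, plus an unsolicited inbound packet."""
    nat = NatTable()
    out = nat.translate_out("192.168.1.10", 51000)   # ('198.51.100.1', 40000)
    back = nat.translate_in(40000)                    # ('192.168.1.10', 51000)
    stray = nat.translate_in(40001)                   # None: no mapping, dropped
    return out, back, stray


if __name__ == "__main__":
    print(demo())
```

    The side effect worth noticing is that the inbound lookup fails for anything the inside did not initiate, which is why NAT is often mistaken for a firewall; it hides hosts, but it is not a policy and should not replace one.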

  13. Ken says:

    interesting post

  14. P. Silva says:

    a very good article about Firewalls and Network Architectures

Copyright © 2008 Home Automation - JAEC - All the rights reserved