FAQ - Firewalls
2.1 What is a network firewall?
A firewall is a system, or group of systems, that enforces an access control policy between two or more networks. Put simply, a firewall is a mechanism for blocking some traffic and permitting the rest. Some firewalls emphasize blocking traffic, others emphasize permitting it; either way, it is essential to be clear about what kind of access is to be allowed and what is to be denied, and to understand how the firewall is configured and how it enforces that policy. Firewall administrators typically manage access for a large number of hosts, so the job carries great responsibility.
2.2 Why would I want a firewall?
The main objective of a firewall is to protect your network from jerks while still letting you get your work done. Many users use the Internet to get real work done; many others try to capture sensitive information from other people's mailboxes.
Almost all organizations and data centers have computing security policies and practices that must be followed. Consider a company whose policy states that its data must be protected: a firewall is an essential part of enforcing that policy. A firewall is often the backbone of an organization's corporate security policy. A large corporation usually does not mind the expense of hooking up to the Internet; what worries it is whether doing so is safe, given the amount of sensitive information it holds. This is where the firewall plays an important role: it gives management the assurance that connecting to the Internet is safe, and acts as a security blanket for them.
You can also think of the firewall as the corporate "ambassador" to the Internet. Many corporations use their firewalls as the place to publish public information such as corporate products and services, files to download, bug fixes, and so forth. Several of these systems have become important parts of the Internet service structure (e.g., UUnet.uu.net, whitehouse.gov, gatekeeper.dec.com) and have reflected well on their organizational sponsors.
2.3 What can a firewall protect against?
Firewalls can help protect against attacks that use email. Some firewalls permit only email traffic through them, which shields the rest of the network from anything except email-based attacks. Other firewalls block services that are known to be problems.
In general, firewalls are used to protect against unauthenticated interactive logins from the "outside" world, preventing hooligans from logging on to machines on your network. Some firewalls permit users on the inside to communicate freely with the outside while blocking connections initiated from the outside.
A firewall also gives you a single "choke point" for security and audit. Consider a site where users dial out to the Internet with modems: the firewall acts as a "phone tap" and tracing tool. It can tell the administrator how much traffic passed through, whether there were attempts to break into the firewall, and if so, how many.
For this reason firewall logs are critically important, and in many countries they can be used as evidence in a court of law. You should maintain and protect your firewall logs accordingly.
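The audit role described above, as an added example that is not part of the original FAQ: a small Python script that parses firewall log lines, totals accepted and denied traffic, and flags any source that was denied on several distinct destination ports (the "how many attempts, and from whom" an administrator wants from the logs). The log format, the field names and the sample lines are constructed for this example; a real firewall's log format would need its own parser.

```python
"""Audit summary over firewall log lines (added example, not from the FAQ).

Assumes a constructed, syslog-like format:
  <timestamp> <ACCEPT|DENY> proto=<tcp|udp> src=<ip>:<port> dst=<ip>:<port>
Real firewalls use their own formats; adapt LINE_RE to them.
"""
import re
from collections import Counter, defaultdict

# Constructed sample log lines for this example (not real traffic).
# The last line is deliberately malformed to show the parser skipping it.
SAMPLE_LOG = """\
2024-01-01T10:00:01 ACCEPT proto=tcp src=10.0.0.5:51234 dst=198.51.100.7:443
2024-01-01T10:00:02 DENY proto=tcp src=203.0.113.9:40000 dst=10.0.0.5:22
2024-01-01T10:00:03 DENY proto=tcp src=203.0.113.9:40001 dst=10.0.0.5:23
2024-01-01T10:00:04 DENY proto=tcp src=203.0.113.9:40002 dst=10.0.0.5:25
2024-01-01T10:00:05 ACCEPT proto=udp src=10.0.0.8:5353 dst=198.51.100.1:53
2024-01-01T10:00:06 DENY proto=tcp src=203.0.113.9:40003 dst=10.0.0.5:80
2024-01-01T10:00:07 DENY proto=tcp src=192.0.2.44:1025 dst=10.0.0.5:22
2024-01-01T10:00:08 kernel: link state changed
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<action>ACCEPT|DENY)\s+proto=(?P<proto>\w+)\s+"
    r"src=(?P<src>[\d.]+):(?P<sport>\d+)\s+dst=(?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_log(text):
    """Parse log text into a list of dicts.

    Returns (records, malformed_count). Lines that do not match the
    expected format are skipped but counted, so an audit never silently
    loses track of log lines it could not interpret.
    """
    records, malformed = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if m is None:
            malformed += 1
            continue
        rec = m.groupdict()
        rec["sport"] = int(rec["sport"])
        rec["dport"] = int(rec["dport"])
        records.append(rec)
    return records, malformed


def summarize(records, probe_threshold=3):
    """Total accepted/denied packets and flag sources denied on many ports.

    A single source denied on probe_threshold or more distinct destination
    ports is reported under "probing_sources"; the threshold is a constructed
    value for the example, not a recommendation.
    """
    actions = Counter(r["action"] for r in records)
    denied_ports = defaultdict(set)
    for r in records:
        if r["action"] == "DENY":
            denied_ports[r["src"]].add(r["dport"])
    probing = sorted(src for src, ports in denied_ports.items()
                     if len(ports) >= probe_threshold)
    return {
        "accepted": actions["ACCEPT"],
        "denied": actions["DENY"],
        "denied_ports_by_source": {s: len(p) for s, p in denied_ports.items()},
        "probing_sources": probing,
    }


if __name__ == "__main__":
    recs, bad = parse_log(SAMPLE_LOG)
    print(f"parsed {len(recs)} records, skipped {bad} malformed line(s)")
    for key, value in summarize(recs).items():
        print(f"{key}: {value}")
```

Counting malformed lines rather than discarding them silently matters precisely because the FAQ notes these logs may end up as evidence: a summary that cannot account for every line is hard to defend.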
2.4 What can't a firewall protect against?
A firewall cannot protect against attacks that do not go through it. For example, data exported on removable media (magnetic tape, CD, DVD, USB flash drive, etc.) never passes through the firewall, so the firewall cannot protect it; such paths are called back doors. For a firewall to work effectively and efficiently, it must be part of the overall organizational security architecture. If a particular system really does hold important or secret data, it is advisable to keep it isolated from the rest of the network.
Next come the traitors inside your network. Can a firewall protect your organization from people who export information by telephone, fax, or CD? Some foolish people will disclose sensitive information over the telephone; they are the targets of social engineering, and through them an intruder can break into your network while bypassing your firewall entirely.
Similarly, a firewall cannot protect against tunneling over application protocols. If you allow an internal system to connect to an external system, the firewall cannot protect you against attacks tunneled over that permitted connection.
2.5 What about viruses and other malware?
Firewalls cannot protect very well against viruses or other malware. More precisely, a firewall cannot protect against data-driven attacks, because a binary file can be encoded in many different ways and carried into the network. Data-driven attacks have occurred in various versions of sendmail, ghostscript, Outlook and Internet Explorer.
An organization that is truly concerned about virus control should run virus scanning software on every desktop in the organization and run a scan every time a system is rebooted. A firewall cannot protect against viruses spread by floppy disks, CDs, or modems; it can only help against viruses arriving from the Internet.
A few firewall vendors offer "virus detecting" firewalls. It should be understood that a strong firewall is not a substitute for sensible software. Just because everyone uses a particular mailer does not mean it is safe to use.
2.6 Will IPSEC make firewall obsolete?
A few people believe that IPSEC will make firewalls obsolete. This is not the case. Let us first look at what IPSEC is and what it does before drawing a conclusion.
IPSEC (IP SECurity) is a set of standards developed by the Internet Engineering Task Force. IPSEC addresses two problems:
- Host-to-host authentication
- Encryption
Firewalls were not created to solve those problems; they help reduce a different kind of Internet risk. Two classes of problem arise here: the integrity and privacy of information flowing between hosts, and the kind of connectivity that is allowed. The first is addressed by IPSEC and the second by the firewall.
This makes clear that IPSEC does not make firewalls obsolete. It is a good idea to combine firewalls with IPSEC-enabled hosts; a Virtual Private Network (VPN) is one such combination.
Design and Implementation Issues:
3.1 What are some of the basic design decisions in a firewall?
There are a great many design issues to be addressed by the person who designs, specifies, implements, and installs the firewall.
Of the various issues that arise when implementing a firewall, the first and most important is how a particular company or organization wishes to operate it: either by denying all services by default, or by providing metered and audited "queuing" access.
The next issue is the level of monitoring, redundancy and control you want. Once the overall objectives are settled, it is easy to combine them with a needs analysis and work out how to implement it.
Another major issue is money. It is always advisable to quantify any option in terms of cost, whether you buy or build. You can implement a firewall for free or spend a few million dollars; the choice is yours. Whichever you choose, the firewall should be built so that it does not require constant and expensive attention.
A static traffic routing service at the IP level is easy to implement using screening techniques and rules in a router. The important decision is whether to expose a stripped-down machine outside the network or to set up a screening router; each approach has its advantages and disadvantages.
3.2 What are the basic types of firewall?
There are three types of firewall:
- Network layer
- Application layer
- Hybrids
The International Standards Organization (ISO) Open Systems Interconnect (OSI) model actually defines seven layers: physical, data link, network, transport, session, presentation and application.
Lower-level firewalls are comparatively faster than higher-level firewalls, but they are easier to fool. Today the majority of firewalls fall into the "hybrid" category.
- Network layer firewall: These firewalls make their decisions based on the source address, destination address and port. A traditional network layer firewall is a simple router; modern network layer firewalls are more sophisticated, because they maintain internal information such as the state of the connections passing through them, the contents of some of the data streams, and so on. These firewalls tend to be fast and very transparent to users.
There are two types of network layer firewall: the screened host firewall and the screened subnet firewall.
Screened host firewall: access to and from a single host is controlled by a router operating at the network layer.
Screened subnet firewall: access to and from a whole network is controlled by a router operating at the network layer.
- Application layer firewall: These firewalls perform intricate auditing of the traffic passing through them. They are generally hosts running proxy servers, which do not allow traffic to pass directly between the networks. Because the proxy applications are software components running on the firewall, the firewall is a good place to perform logging and access control. An application layer firewall accepts traffic on one side and emits it on the other, masking the origin of the initiating connection, so it can also be used as a network address translator. Early application layer firewalls, such as those built with the TIS firewall toolkit, are not particularly transparent to end users and may require some training. Application layer firewalls provide more detailed and elaborate audit reports, and they are best for enforcing more conservative security models.
A dual-homed gateway is an example of an application layer firewall.
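The network layer firewall described above, together with the inside-to-outside-only policy from section 2.3 and the deny-by-default posture from section 3.1, as an added worked example that is not code from the FAQ: a Python simulation of a stateful screening filter that decides on source address, destination address, port and remembered connection state. The internal address range, the permitted outbound ports and the packets are constructed for the example; a real screening router expresses the same policy in its own rule syntax.

```python
"""Simulation of a stateful network layer packet filter (added example, not
from the FAQ).

Policy modelled:
  * deny by default;
  * hosts on the internal network may open TCP connections outward, but only
    to a permitted set of destination ports;
  * packets belonging to a remembered outbound connection are admitted in
    both directions;
  * unsolicited inbound connection attempts are dropped.
"""
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed internal range for the example.
INTERNAL = ip_network("10.0.0.0/8")


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False   # TCP connection-opening segment
    ack: bool = False   # acknowledgement flag


class StatefulFilter:
    def __init__(self, allowed_outbound_ports=(80, 443)):
        self.allowed_outbound_ports = set(allowed_outbound_ports)
        # Remembered connections keyed from the internal side:
        # (internal_ip, internal_port, external_ip, external_port)
        self.connections = set()
        self.log = []

    def _decide(self, pkt):
        src_internal = ip_address(pkt.src) in INTERNAL
        dst_internal = ip_address(pkt.dst) in INTERNAL

        if src_internal and not dst_internal:
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if key in self.connections:
                return "ACCEPT", "established outbound connection"
            # Only a new connection (SYN without ACK) to a permitted port
            # creates state; anything else outbound is refused.
            if pkt.syn and not pkt.ack and pkt.dport in self.allowed_outbound_ports:
                self.connections.add(key)
                return "ACCEPT", "new outbound connection"
            return "DENY", "outbound port not permitted"

        if dst_internal and not src_internal:
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if key in self.connections:
                return "ACCEPT", "reply to outbound connection"
            # Inbound traffic that matches no remembered connection is the
            # unauthenticated-from-outside case the FAQ warns about.
            return "DENY", "unsolicited inbound"

        return "DENY", "traffic does not cross the boundary"

    def filter(self, pkt):
        """Return ACCEPT or DENY for the packet and record the decision."""
        action, reason = self._decide(pkt)
        self.log.append((action, reason, pkt))
        return action

    def summary(self):
        """Counts of ACCEPT and DENY decisions taken so far (audit view)."""
        return Counter(action for action, _, _ in self.log)


if __name__ == "__main__":
    fw = StatefulFilter()
    for p in (Packet("10.0.0.5", 51234, "198.51.100.7", 443, syn=True),
              Packet("198.51.100.7", 443, "10.0.0.5", 51234, syn=True, ack=True),
              Packet("203.0.113.9", 40000, "10.0.0.5", 22, syn=True)):
        print(fw.filter(p), p)
    print(dict(fw.summary()))
```

The one detail worth noticing is that the filter admits the external host's reply only because it first saw the internal host open the connection; a stateless screening router has no such memory and must approximate "reply traffic" from header fields alone, which is the sense in which the FAQ says lower-level firewalls are easier to fool.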