Module 3: Information and Network Security : Ch.2. Server Management and Firewalls
- Firewall Concept
- Firewall implementation
- Firewall types
- DMZ
Firewall:
A firewall is a single "choke point" (guard box) at which network traffic is controlled and monitored. It allows networks with different levels of trust to be interconnected. It imposes restrictions on network services so that only authorized traffic is allowed. It enforces access control and auditing (alarms can be raised on abnormal behaviour). It provides perimeter defence.
Firewall Properties:
- All traffic between the networks must pass through it.
- Only authorized traffic, as defined by the local security policy, is allowed to pass through a firewall.
- The firewall machine/system itself should be immune to penetration.
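The three properties above, shown as an added toy packet filter (not code from these lecture notes): every packet is judged by one function (the choke point), only traffic matched by an allow rule of the local policy passes (default deny), and denied traffic is audited so that repeated denials from one source raise an alarm. The networks, addresses, rules and packets are constructed for illustration.

```python
# Added example: a stateless packet filter demonstrating the firewall properties
# (single choke point, policy-authorized traffic only, auditing with alarms).
# All addresses, rules and packets below are constructed, not real infrastructure.
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR notation
    dst: str               # destination network in CIDR notation
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port; None matches any port

    def matches(self, pkt: dict) -> bool:
        return (ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and self.proto in ("any", pkt["proto"])
                and self.dport in (None, pkt["dport"]))


# Constructed local security policy: 10.0.0.0/8 is the internal network and
# 192.0.2.10 a public web server. The first matching rule wins.
POLICY = [
    Rule("allow", "0.0.0.0/0", "192.0.2.10/32", "tcp", 443),  # public HTTPS to the web server
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443),     # internal users browsing out
    Rule("deny", "0.0.0.0/0", "10.0.0.0/8", "any", None),      # outside may not reach internal hosts
]


def filter_packet(pkt: dict, policy=POLICY, log: Optional[list] = None) -> str:
    """Return "allow" or "deny"; traffic matching no rule is dropped (default deny)."""
    verdict = next((r.action for r in policy if r.matches(pkt)), "deny")
    if verdict == "deny" and log is not None:
        log.append(pkt)          # audit record of rejected traffic
    return verdict


def alarm_sources(log: list, threshold: int = 3) -> set:
    """Sources with at least `threshold` denied packets: abnormal behaviour worth an alarm."""
    counts = Counter(p["src"] for p in log)
    return {src for src, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    audit = []
    print(filter_packet({"src": "198.51.100.7", "dst": "192.0.2.10", "proto": "tcp", "dport": 443}, log=audit))  # allow
    for port in (22, 23, 3389):    # repeated blocked attempts against an internal host
        filter_packet({"src": "198.51.100.7", "dst": "10.1.2.3", "proto": "tcp", "dport": port}, log=audit)
    print(alarm_sources(audit))    # {'198.51.100.7'}
```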
Limitations of firewalls:
- A firewall cannot prevent users or attackers with modems from dialing into or out of the internal network, thus bypassing the firewall and its protection completely.
- Firewalls cannot enforce your password policy or prevent misuse of passwords. Your password policy is crucial in this area because it outlines acceptable conduct and sets the ramifications of noncompliance.
- Firewalls are ineffective against non-technical security risks such as social engineering, i.e. "There be hackers here."
- Firewalls cannot stop internal users from accessing websites with malicious code, making user education critical.
- Firewalls cannot protect you from poor decisions.
- Firewalls cannot protect you when your security policy is too lax.