Implementing and managing a firewall
By Alex Soo
At its most basic, a firewall is a hardware and/or software device that resides on a network. Its function is to block certain types of unwanted traffic while allowing legitimate traffic to pass through to a server or group of servers. A firewall by itself is not an all-in-one solution to Internet security problems. However, it is a necessary foundation from which to build a secure solution.
Just as Internet use by businesses has escalated sharply in recent years, so too has the occurrence of network security breaches. Today's organizations understand the importance of securing external communications to prevent network attacks and ensure privacy. Nowadays it is not a matter of asking why a firewall is needed, but how best to implement, manage and support one.
Why use a Firewall?
Imagine for a moment that you are the owner of a new store in town. You’ve invested a small fortune in equipment, furnishings, supplies, etc. You’ve set up shop and it’s time to go home for the evening and you mistakenly leave the front door unlocked on the way out. The next day you come in and find the place vandalized, items stolen and the equipment has been tampered with.
This scenario plays itself out more often than you would think. However, instead of a store it’s an online business. Instead of equipment and supplies it’s account information and company documents. And instead of an unlocked door, it’s an unsecured server. However the end result is the same – you become the victim of a crime.
A firewall can help secure your server against unauthorized access by ‘locking’ it down.
How a Firewall Protects
A firewall acts as a secure barrier between your server and the Internet. It monitors all traffic to and from your server, decides whether each connection is normal activity or a malicious attempt to access your server, and filters the traffic accordingly.
A firewall can be used to lock down ports that have no need to be externally accessible. For example, if a well-known service operates on port 1234 and a malicious user scans your IP addresses for that service, a firewall can make that port unresponsive to the scan, making it appear that the service is not running on the server at all.
Access Control Lists (ACLs) are used on the firewall to permit or deny access to resources based on source and destination information.
Advanced firewalls use stateful packet inspection (SPI) to keep track of the state of the connections passing through them over time. With SPI the firewall can distinguish which packets are legitimate for the connection they claim to belong to. Packets that match a known connection state are allowed, while others are rejected. Using stateful packet inspection, a firewall can stop port scans, spoofing and SYN flood attacks as well as other types of malicious activity.
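The behaviour described in this section (an ACL on source and destination, a state table that admits replies to known connections, and silent dropping so a scanned port looks dead) as a simplified model in Python. This is an added illustration, not PEER 1's product or any real firewall; the `Packet` fields, the `StatefulFirewall` class and the addresses and policy in `demo()` are all constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    """Subset of a TCP header; all packets below are constructed for the example."""
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False   # set on the packet that opens a connection
    ack: bool = False

class StatefulFirewall:
    """ACL decides who may open a connection; a state table admits the rest of that flow."""
    def __init__(self, acl):
        # ACL entries: (source network, destination port) allowed to start new connections
        self.acl = [(ip_network(net), port) for net, port in acl]
        self.connections = set()  # (client ip, client port, server ip, server port)

    def _acl_permits(self, pkt):
        src = ip_address(pkt.src)
        return any(src in net and pkt.dport == port for net, port in self.acl)

    def filter(self, pkt):
        """Return 'ACCEPT' or 'DROP'; DROP sends nothing back, so a scan sees a dead port."""
        forward = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if forward in self.connections or reverse in self.connections:
            return "ACCEPT"            # part of a flow the firewall already tracks
        if pkt.syn and not pkt.ack and self._acl_permits(pkt):
            self.connections.add(forward)
            return "ACCEPT"            # new connection permitted by the ACL: record it
        return "DROP"                  # unknown port, wrong source, or no matching state

def demo():
    """Constructed policy: HTTPS from anywhere, SSH only from the admin network 203.0.113.0/24."""
    fw = StatefulFirewall([("0.0.0.0/0", 443), ("203.0.113.0/24", 22)])
    srv = "198.51.100.10"
    return {
        "https_open": fw.filter(Packet("192.0.2.5", 40000, srv, 443, syn=True)),
        "https_reply": fw.filter(Packet(srv, 443, "192.0.2.5", 40000, syn=True, ack=True)),
        "ssh_admin": fw.filter(Packet("203.0.113.7", 50000, srv, 22, syn=True)),
        "ssh_other": fw.filter(Packet("192.0.2.5", 50001, srv, 22, syn=True)),
        # port 1234 is not in the ACL: the probe gets no answer, as in the text
        "scan_1234": fw.filter(Packet("192.0.2.9", 4444, srv, 1234, syn=True)),
        # an ACK for a connection the firewall never saw matches no state
        "stray_ack": fw.filter(Packet("192.0.2.9", 4445, srv, 443, ack=True)),
    }
```

The server's reply is accepted only because the client's SYN created an entry in the state table; the same reply with no prior SYN would be dropped.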
VPN (Virtual Private Network)
A VPN is a private network configured within a public networking infrastructure (e.g. the Internet). This allows you to access a remote server as if it were on your own network. Secure VPN solutions such as the ones offered by PEER 1 provide an added layer of security by encrypting the communications within a VPN tunnel. Both client-to-site and site-to-site VPN methods are supported by PEER 1.
Software vs. Hardware Firewalls
Hardware firewalls (such as the Juniper Netscreen line of firewalls) provide a strong degree of protection from most forms of attack coming from the outside to the internal network. Hardware firewalls can protect computers on a local area network and they can be implemented without much configuration difficulty. Hardware firewalls contain their own OS, and operate independently of the server/servers they were designed to protect. Traffic coming into the server is processed by the firewall before it ever reaches the target server.
Hardware-based
- OS dedicated to firewall functionality – Single function appliance
- Traffic is processed at the firewall appliance
- Administered by PEER 1
Software firewalls such as Windows Firewall or IPTables on Linux-based operating systems are installed on individual computers, and they need sufficient configuration to be effective. Software firewalls reside on the systems they were designed to protect. As a result, they also share the same system resources. Traffic is processed only when it reaches the server. Should a server with a software firewall become compromised, it would not be difficult for the firewall to be disabled.
Software-based
- OS resources are shared by the app and firewall
- Traffic is processed at the server where the firewall is installed
- Not administered by PEER 1
The PEER 1 Difference
Security is a difficult job that involves constant care. Computer systems or other networked devices are vulnerable by virtue of their ability to connect and communicate with other systems. A firewall reduces some of the risk by reducing the number of devices that can communicate with a protected host.
Installing a firewall device is only part of the job. After installation, rulesets must be defined and adjusted for new applications, emergency steps must be taken when new attack techniques become known, and hardware must be maintained and replaced. The skills required are significant.
A firewall is only as good as its rulesets and the administrators who implement and maintain them. In the wrong hands a firewall can be rendered useless. Good technical staff have the knowledge and experience to ensure that the firewall is configured according to your specific needs. The right support team will work together with you to set up a custom ruleset that lets you do your business safely and securely.