Chapter 9. Firewalls

On completing this chapter, you will be able to
This chapter covers a variety of types of firewalls, including devices such as PIX, software solutions such as Check Point, and personal firewalls. The chapter defines firewalls and explores their purpose and use in today's large-scale IP-based networks, where attacks can occur from within and from external sources.

Protecting the confidentiality of information, preventing unauthorized access, and defending against external and internal attacks remain primary concerns of all network managers today. IT departments must defend against these threats. All network architectures should be based on sound security policies designed to address all the weaknesses and threats that can occur in today's large IP-based networks. Because of the ever-changing nature of remote connectivity, especially with the increased use of virtual private networks (VPNs), and the requirement for instant access to core network resources, networks have policies that allow access to the Internet, where the amount of busy or noisy traffic from nonlegitimate devices is vast. Firewalls play important roles in defending against these threats.

As discussed in Chapter 5, "Security Policies," every network should be based on a sound security policy. The security policy should describe firewalls in detail and, more specifically, the location, placement, and configuration of firewalls in the network, as well as whether the firewall is hardware based, software based, or even PC based.

Network vulnerabilities must be constantly monitored, found, and addressed because they define points in the network that are potential security weak points (or loopholes) that can be exploited by intruders or hackers. All networks are possible targets because an intruder's motivation can be based on a number of factors: cash profit; revenge; vandalism; cyber terrorism; the excitement of a challenge; the search for prestige, notoriety, or experience; curiosity; or the desire to learn the tools of trade, just to name a few.
Sometimes the biggest security threat comes from within an organization, in particular from displeased employees who gain access to internal systems by abusing usernames and passwords. Identification of the weak points of the network and, therefore, the placement and configuration of the firewall are extremely important.

NOTE

Internal abuse is often well meaning. To get their jobs done, people sometimes circumvent security that they perceive as getting in the way. Such actions that open security holes or break security rules are examples of internal abuse with no malicious intent.

Now that you are aware of some of the reasons a network must have a sound security policy and why intruders (hackers) want to exploit a poorly designed network, let's discuss some of the firewall features and definitions before moving on to some of the available firewalls in today's marketplace.