Firewall protection
The main function of a firewall is to centralize access control. A firewall serves as the gatekeeper between the untrusted Internet and the more trusted internal networks. If outsiders or remote users can access the internal networks without going through the firewall, its effectiveness is diluted. For example, if a traveling manager has a modem connected to his or her office PC that he or she can dial into while traveling (war driving), and that PC is also on the protected internal network, an attacker who can dial into that PC has circumvented the firewall.
Similarly, if a user has a dial-up Internet account with a commercial Internet Service Provider (ISP) and sometimes connects to the Internet from his or her office PC via modem, he or she is opening an unsecured connection to the Internet that circumvents the firewall. Firewalls provide several types of protection, including the following:
- They can block unwanted traffic.
- They can direct incoming traffic to more trustworthy internal systems.
- They hide vulnerable systems that can't easily be secured from the Internet.
- They can log traffic to and from the private network.
- They can hide information like system names, network topology, network device types, and internal user IDs from the Internet.
- They can provide more robust authentication than standard applications might be able to do.
Each of the preceding functions is described in greater detail next. As with any safeguard, there are trade-offs between convenience and security. Transparency is the visibility of the firewall to both inside users and outsiders going through a firewall. A firewall is transparent to users if they do not notice or stop at the firewall in order to access a network. Firewalls are typically configured to be transparent to internal network users (while going outside the firewall); on the other hand, firewalls are configured to be non-transparent for outside network users coming through the firewall. This generally provides the highest level of security without placing an undue burden on internal users.
In this tutorial:
- Firewall Security Policy
- Firewall protection
- Firewall architectures
- Multi-homed host
- Screened host
- Screened subnet
- Types of firewalls
- Packet-filtering gateways
- Application gateways
- Hybrid or complex gateways
- Routing versus forwarding
- IP spoofing
- DNS and mail resolution
- Intranet
- Network trust relationships
- Virtual private networks
- Qualification of the firewall administrator
- Remote firewall administration
- Firewall backup
- System integrity
- Physical firewall security
- Firewall incident handling
- Upgrading the firewall
- Revision/update of firewall policy
- Examples of service-specific policies