Internet Security
Security has become one of the primary concerns when an organization connects its private network to the Internet. Regardless of the business, an increasing number of users on private networks are demanding access to Internet services such as the World Wide Web (WWW), Internet mail, Telnet, and File Transfer Protocol (FTP). In addition, corporations want to offer WWW home pages and FTP servers for public access on the Internet. Network administrators have increasing concerns about the security of their networks when they expose their organization’s private data and networking infrastructure to Internet crackers. To provide the required level of protection, an organization needs a security policy to prevent unauthorized users from accessing resources on the private network and to protect against the unauthorized export of private information. Even if an organization is not connected to the Internet, it may still want to establish an internal security policy to manage user access to portions of the network and protect sensitive or secret information.
Internet Firewalls
An Internet firewall is a system or group of systems that enforces a security policy between an organization’s network and the Internet. The firewall determines which inside services may be accessed from the outside, which outsiders are permitted access to the permitted inside services, and which outside services may be accessed by insiders. For a firewall to be effective all traffic to and from the Internet must pass through the firewall, where it can be inspected. The firewall must permit only authorized traffic to pass, and the firewall itself must be immune to penetration. Unfortunately, a firewall system cannot offer any protection once an attacker has gotten through or around the firewall. It is important to note that an Internet firewall is not just a router, a bastion host, or a combination of devices that provides security for a network. The firewall is part of an overall security policy that creates a perimeter defense designed to protect the information resources of the organization. This security policy must include published security guidelines to inform users of their responsibilities; corporate policies defining network access, service access, local and remote user authentication, dial-in and dial-out, disk and data encryption, and virus protection measures; and employee training. All potential points of network attack must be protected with the same level of network security. Setting up an Internet firewall without a comprehensive security policy is like placing a steel door on a tent.
Benefits of an Internet Firewall
Internet firewalls manage access between the Internet and an organization’s private network
Without a firewall, each host system on the private network is exposed to attacks from other hosts on the Internet.
Internet firewalls allow the network administrator to define a centralized “choke point” that keeps unauthorized users such as hackers, crackers, vandals, and spies out of the protected network; prohibits potentially vulnerable services from entering or leaving the protected network; and provides protection from various types of routing attacks. An Internet firewall simplifies security management, since network security is consolidated on the firewall systems rather than being distributed to every host in the entire private network.
Reference:
- Building Internet Firewalls D. Brent Chapman and Elizabeth Zwicky. O’Reilly & Associates
- Firewalls and Internet Security: Repelling the Wily Hacker Bill Cheswick and Steve Bellovin. Addison-Wesley
This blog entry clearly explains that when a computer connects to a network and begins
ReplyDeletecommunicating with other computers, it is essentially taking a risk. Internet security
involves the protection of a computer's Internet account and files from intrusion of an
unknown user.
This is a very valuable blog entry. Good work Kunal.