Firewalls


 * Firewalls**


 * What are firewalls?**

A firewall is a secure and trusted machine that sits between a private network and a public network. It is configured with a set of rules that determine which network traffic will be allowed to pass and which will be blocked or refused. Information taken from Fitzgerald & Dennis, 2009.




 * History**

Firewalls were created in the late 1980s. They had the same purpose of allowing two or more networks to talk to each other. All traffice passed through a single point called a chokepoint. The first firewalls were routers to separate network into LANs and with filtering rules. The security policy was to allow anyone "in here" to get out, but keep people "out there" from getting "in". Bastion Hosts was the name of one of the first firewalls and it was an application of proxies, and filters. Digital Equipment Corporation (DEC) became basis for one of the first commercial firewalls. Information taken from Avolio, 1999.


 * What can a firewall do?**


 * 1) A firewall acts as an enforcement point for security by watching over the endpoints between the two networks, according to Overby, 2008, para. 1.
 * 2) A firewall can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted, according to "Firewall Q&A", para. 2.
 * 3) A firewall is a focal point for security that allows firewalls to add security services like traffic encryption and decryption, according to Young-Seock, 2002, para.23.
 * 4) Firewalls can filter packets based on their source and destination addresses and port numbers, according to "Firewall Q&A", para.2.
 * 5) Firewalls prevent spyware, and virus attacks to the system, according to Overby, 2008, para.1.
 * 6) Firewalls support security services such as IP packet filtering, intrusion detection, load balancing, and quality of service (QoS) setting management, according to Overby, 2008, para. 26.


 * What can't a firewall do?**


 * 1) Firewalls are a piece of machinery that can't set itself up, and because of that, if not set up right, you could invite unwanted visitors to your information.
 * 2) Firewalls cannot edit indecent material like pornography, violence, drugs and bad language.
 * 3) Firewalls offer weak defense from viruses, so antiviral software and an IDS (intrusion detection system) which protects against Trojans and port scans should also complement your firewall in the layering defense.
 * 4) Firewalls cannot protect you from internal sabotage within a network or from allowing other users' access to your PC. This and all the disadvantages listed, were taken from "Firewall Advantages and Disadvantages", 2009, para.2.


 * Services firewalls may allow or block, according to "Building Internet Firewalls" outline of 2009, are:**
 * Web
 * Email
 * File transfer
 * Remote terminal access
 * File/Printing sharing
 * Real-time conferencing
 * Routing


 * Common Security Principles according to "Building Internet Firewalls" outline of 2009, are:**
 * Least Privilege
 * Defense in depth
 * Choke point
 * Weakest link
 * Diversity of defense
 * Security through obscurity

The above information came from Fitzgerald, J. & Dennis, A., 2009, pp. 391-393.
 * Types of Firewalls**
 * 1) Packet-level firewalls, which examines the source and destination address of every network packet tha passes through it.
 * 2) Application-level firewalls are more expensive and more complicated to install and manage than a packet-leve firewall because it examines the contents of the application layer packet and searches for known attacks.
 * 3) Network address translation (NAT) is the process of converting between one set of public IP addresses that are viewable from the Internet and a second set of private IP addresses that are hidden from people outside of the organization.

The above information came from "Building Firewalls" Outline, Ch. 27.
 * In the event of an incident, you should:**
 * 1) Evaluate the situation.
 * 2) Disconnect or shut down the system.
 * 3) Analyze the situation.
 * 4) Note what you have said yes to or the questions you may have been asked.
 * 5) Notify your organization if it is your job, so that the IT department may get right on it.
 * 6) Save the data that was documented.

References: Wadlow, T., & Borelik, V. (2009). What can be done to make Web Browsers secure while preserving their usability? //Security in the Browser,// (Vol.52, No.6, pp.40-45). Retrieved November 24, 2009, from NCLive database. Hansen, Mark, D. (1999), Computer Technology, //Firewalls: Not as Safe as you Thought,// Retrieved November 24, 2009, from NCLive database. Overby, Linwood, H., //Security Enforcement Point Inspection of Encrypted Data in an Encrypted End-to-End Communications Path.// Retrieved November 20, 2009, from [] Young-Seock, Cha, //Network Security Library: Firewalls & VPN’s.// Retrieved November 26, 2009, from website: http:www.windowsecurity.com/whitepapers/Ecommerce_Security_Technologies_Fire_Wall.html Avolio, F.M.(1999). //Firewalls: A Brief History:// [PowerPoint slides]. Retrieved November 24, 2009, from website: []. // Building Internet Firewalls: Firewall Outline. // Retrieved November 20, 2009, from website: [] // Firewalls Advantages and Disadvantages. // (2009). Retrieved November 29, 2009, from website: [] // Firewall Q&A. // Retrieved November 29, 2009, from website: []