A firewall is a network security device positioned
between two different networks, usually between an organizations
internal, trusted network and the Internet.
In English that means a device that protects your company's
information from the rest of the world, including those really
smart kids who have nothing better to do. You may not think
your data is that important, but think about your customer list
in the hands of a competitors salesman, or copies of your most
recent quotes in those same hands. Firehouse Networks believes
all companies with full time connections to the Internet require
a Firewall.
What
do firewalls do?
A firewall ensures that all communications attempting to cross
from one network to the other meet an organizations
security policy. Firewalls track and control communications,
deciding whether to allow, reject or encrypt communications.
In addition to protecting trusted networks from the Internet,
firewalls are increasingly being deployed to protect sensitive
portions of local area networks and individual PCs.
Why does an organization need a firewall?
Organizations around the world are embracing the Internet
and Internet technologies to forge new and profitable business
relationships. Firewalls help organizations balance the openness
of the Internet with the need to protect the privacy and integrity
of sensitive business communications.
How
do firewalls work?
Historically, three different technologies have been used
to implement firewalls: Packet Filters, Application-Layer
Gateways and Stateful Inspection.
Packet
Filters - Packet filters, usually implemented
on routers, filter traffic based on packet content, such as
IP addresses. They examine a packet at the network layer and
are application independent, which allows them to deliver
good performance and scalability. They are the least secure
type of firewall, however. The reason is that they are not
application awarethat is, they cannot understand the
context of a given communication, making them easier for hackers
to break.
Application-Layer
Gateways - Application gateways improve on
security by examining all application layers, bringing context
information into the decision process. However, they do this
by breaking the client/server model. Every client/server communication
requires two connections: one from the client to the firewall
(which acts as a "proxy" for the desired server)
and one from the firewall to the (actual) server. In addition,
every application requires a new proxy, making scalability
and support for new applications a problem.
Stateful
Inspection - Stateful - Inspection provides
the highest level of security possible and overcomes the limitations
of the previous two approaches by providing full application-layer
awareness without breaking the client/server model. Stateful
Inspection extracts the state-related information required
for security decisions from all application layers and maintains
this information in dynamic state tables for evaluating subsequent
connection attempts. This provides a solution that is highly
secure and offers maximum performance, scalability, and extensibility.
All Firewalls recommended by Firehouse Networks are based upon Stateful Inspection,
which has become the de facto standard for firewalls.
To talk more about Firewalls and how they can protect your company, please contact
a Firehouse Networks Consultant.