Network Firewalls and Security
Network Firewalls and Security are a daily concern for businesses that want to protect their organization against viruses, prevent intrusions, and other cyber threats. The security experts at Orange County Computer®, Inc. can provide an assessment of your network environment . This will evaluate the level of risk your company is subject to. If you worry about network vulnerability or the integrity of company data, now is the time to contact us.
There are many different levels of firewall protection ranging from Enterprise to consumer and somewhere in between. These days, everyone that uses the internet and email is at risk of some type of security breach.
Before being able to understand a complete discussion of firewalls, it’s important to understand the basic principles that make firewalls work.
A firewall is a system or group of systems that enforces an access control policy between two networks. The actual means by which we accomplish varies widely. In principle, the firewall is a pair of mechanisms. One which exists to block traffic, and the other which exists to permit traffic. Some firewalls place a greater emphasis on blocking traffic, while others emphasize permitting traffic. Probably the most important thing to recognize about a firewall is that it implements an access control policy. If you don’t know what kind of access you want to allow or deny, a firewall will not help you. It’s also important to recognize that the firewall’s configuration imposes its policy on everything behind it. Administrators for firewalls managing the connectivity for a large number of hosts therefore have a heavy responsibility.
Some firewalls permit only email traffic through them. This thereby protects the network against any attacks other than attacks against the email service. Other firewalls provide less strict protections, and block problems services.
Generally, IT companies configure firewalls to protect against unauthenticated interactive logins from the “outside” world. This, more than anything, helps prevent vandals from logging into machines on your network. More elaborate firewalls block traffic from the outside to the inside. In addition they permit users on the inside to communicate freely with the outside. The firewall can protect you against any type of network-borne attack if you unplug it.
Firewalls are also important since they can provide a single “choke point” where we can impose security and audits.Unlike in a situation where a computer system is being attacked by someone logging in via the Internet, the firewall can identify the intruding IP Address. In which it functions as a tracker. Firewalls provide an important logging and auditing function; often they provide summaries to the administrator about what kinds and amount of traffic passed through it, how many attempts there were to break into it, etc.
Most noteworthy providing this “choke point” can serve the same purpose on your network as a guarded gate can for your site’s physical premises. That means anytime you have a change in “zones” or levels of sensitivity, such a checkpoint is appropriate. A company rarely has only an outside gate and no receptionist or security staff to check badges on the way in. If there are layers of security on your site, it’s reasonable to expect layers of security on your network.
Firewalls can’t protect against attacks that don’t go through the firewall. Many corporations that connect to the Internet are very concerned about proprietary data leaking out of the company. Unfortunately, you can use a magnetic tape just as effectively export data. Many organizations that are terrified (at a management level) of Internet connections have no coherent policy about how dial-in access via modems should be protected. It’s silly to build a 6-foot thick steel door when you live in a wooden house, but there are a lot of organizations out there buying expensive firewalls and neglecting the numerous other back-doors into their network.
For a firewall to work, it must be a part of a consistent overall organizational security architecture. Firewall policies must be realistic and reflect the level of security in the entire network. For example, a site with top secret or classified data doesn’t need a firewall at all. They shouldn’t be hooking up to the Internet in the first place, or the systems with the really secret data should be isolated from the rest of the corporate network.
Another thing a firewall can’t really protect you against is traitors or idiots inside your network. While an industrial spy might export information through your firewall, he’s just as likely to export it through a telephone, FAX machine, or USB drive. USB drives are a far more likely means for information to leak from your organization than a firewall!
Firewalls also cannot protect you against stupidity. Users who reveal sensitive information over the telephone are good targets for social engineering; an attacker may be able to break into your network by completely bypassing your firewall, if he can find a “helpful” employee inside who he can fool into giving access to a modem pool. Before deciding this isn’t a problem in your organization, ask yourself how much trouble a contractor has when logging into the network or how much difficulty a user who forgot his password has getting it reset. If the people on the help desk believe that every call is internal, you have a problem.
Lastly, firewalls can’t protect against tunneling over most application protocols to trojaned or poorly written clients. There are no magic bullets and a firewall is not an excuse to not implement software controls on internal networks or ignore host security on servers. Tunneling “bad” things over HTTP, SMTP, and other protocols is quite simple and trivial. Security isn’t “fire and forget”.
For more information, please contact us via telephone at 949-699-6619 or via email at Contact Us