Firewalls & Proxy Servers

Firewalls & Proxy Servers

A firewall is a device that prevents unauthorized electronic access to your entire network. The term firewall is generic, and includes many different kinds of protective hardware and software devices. Routers, discussed in the previous section, comprise one kind of firewall. Most firewalls operate by examining incoming or outgoing packets for information at OSI level 3, the network addressing level.

 

Firewalls can be divided into 3 general categories: packet-screening firewalls, proxy servers (or application-level gateways), and stateful inspection proxies. Packet-screening firewalls examine incoming and outgoing packets for their network address information. You can use packet-screening firewalls to restrict access to specific Web sites, or to permit access to your network only from specific Internet sites.

Proxy servers (also called application-level gateways) operate by examining incoming or outgoing packets not only for their source or destination addresses but also for information carried within the data area (as opposed to the address area) of each network packet. The data area contains information written by the application program that created the packet—for example, your Web browser, FTP, or TELNET program. Because the proxy server knows how to examine this application-specific portion of the packet, you can permit or restrict the behavior of individual programs. Stateful inspection proxies monitor network signals to ensure that they are part of a legitimate ongoing conversation (rather than malicious insertions).

 

Besides firewalls, other types of security software may also be useful. For example, intrusion detection software monitors your network for particular kinds of malicious activity (attempts to steal passwords, for example). Filtering software maintains lists of Web sites that are permitted or restricted for students, and enforces those restrictions.

 

Many schools combine one or more of these solutions to create their network security system.

Each solution has strengths and weaknesses. In order to choose a solution, you should begin by defining your security policy (the resources you wish to share or restrict, and the personnel who will have access to each resource). Then work with your manufacturer to ensure that your security solution meets your needs.

Date

23 January 2015

Categories

Network Equipment, IT Equipment

Voltage General Trading LLC

Voltage General Trading LLC supplies world class technology products & services mainly electronics, Network,  Electro-mechanical, power, energy, ICT  and Telecom equipment supply, software and services.