Auditing the Internet, E - Business

Evaluating Firewalls

WHAT IS A FIREWALL?   Security device to protect internal network from unauthorized access by external network An application level traffic monitor and access control device Can detect and log any or all activity over time   WHY HAVE A FIREWALL?   Provides security between LAN and WAN Provides internal security between LANs Controls & monitors external access Prevents unauthorized access to LAN via WAN Allows transparent LAN access to WAN   EVALUATE FUNCTIONS OF FIREWALLS   Provide security between LAN and WAN Provide internal security between LANs Control and monitor external access Prevent unauthorized access to LAN via WAN Allow transparent LAN access to WAN   REVIEW CRITERIA USED IN SELECTING A FIREWALL (14 criteria per US Department of Commerce)   Deny all services except those permitted Supports security policy Flexible to accommodate new services Advanced authentication measures Filter systems to restrict access Flexible filtering language Use proxy services for FTP, TELNET, etc. Centralize SMTP access Support public information servers Concentrate dial-in access Provide mechanisms for logging traffic and suspicious activity Use a secure version of the operating system Use a simple design so correctness can be verified Provide timely bug fixes and updates   REVIEW CLASSES OF FIREWALLS USED (in order of increasing functionality and security)   Protocol converters Packet filter routers Integrated systems based on packet filtering Application and circuit level gateways Integrated firewall servers   WHERE SHOULD A FIREWALL BE PLACED?   Typically, between internet (external network) and internal network   Contact Us Home / About Us / Services / Newsletter IT Audit / Pre-QAR / CIA / 1 Stop IA Shop / IA Manual Audit Services Tel:615-790-9858 PO Box 681387, Franklin, TN 37068