Auditing the Internet, E-Business

EVALUATING FIREWALLS


WHAT IS A FIREWALL?

Security device to protect internal network from unauthorized access by external network

An application level traffic monitor and access control device

Can detect and log any or all activity over time

WHY HAVE A FIREWALL?

Provides security between LAN and WAN

Provides internal security between LANs

Controls & monitors external access

Prevents unauthorized access to LAN via WAN

Allows transparent LAN access to WAN

EVALUATE FUNCTIONS OF FIREWALLS

Provide security between LAN and WAN

Provide internal security between LANs

Control and monitor external access

Prevent unauthorized access to LAN via WAN

Allow transparent LAN access to WAN

REVIEW CRITERIA USED IN SELECTING A FIREWALL
(14 criteria per US Department of Commerce)

Deny all services except those permitted

Supports security policy

Flexible to accommodate new services

Advanced authentication measures

Filter systems to restrict access

Flexible filtering language

Use proxy services for FTP, TELNET, etc.

Centralize SMTP access

Support public information servers

Concentrate dial-in access

Provide mechanisms for logging traffic and suspicious activity

Use a secure version of the operating system

Use a simple design so correctness can be verified

Provide timely bug fixes and updates
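
Added example (not part of the original checklist): an auditor's check of three of the criteria above (deny all except permitted, logging, proxying FTP/TELNET) against a rule set. The Linux iptables-save format is an assumption, since the page names no product; the sample rule set is constructed, and the names audit, target, PROXIED and SAMPLE are hypothetical.

```python
import shlex

# Constructed iptables-save sample for illustration; not from any real firewall.
SAMPLE = '''*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -j LOG --log-prefix "fw-in-drop: "
-A FORWARD -p tcp -m tcp --dport 23 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 21 -j ACCEPT
COMMIT
'''

PROXIED = {"21": "FTP", "23": "TELNET"}  # services the checklist wants behind a proxy

def target(rule):  # jump target of a tokenized rule, or None
    return rule[rule.index("-j") + 1] if "-j" in rule[:-1] else None

def audit(dump):
    """Return findings for the INPUT and FORWARD chains of the filter table."""
    policies, rules, table = {}, {}, None
    for line in map(str.strip, dump.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
        elif table == "filter" and line.startswith("-A "):
            tokens = shlex.split(line)
            rules.setdefault(tokens[1], []).append(tokens[2:])
    findings = []
    for chain in ("INPUT", "FORWARD"):
        chain_rules = rules.get(chain, [])
        last = chain_rules[-1] if chain_rules else []
        # Default deny: DROP policy, or an unconditional DROP/REJECT as the final rule.
        catch_all = last[:1] == ["-j"] and target(last) in ("DROP", "REJECT")
        if policies.get(chain) != "DROP" and not catch_all:
            findings.append(f"{chain}: not default-deny")
        if not any(target(r) in ("LOG", "NFLOG") for r in chain_rules):
            findings.append(f"{chain}: no logging rule")
        for r in chain_rules:  # single --dport only; multiport and "!" are not handled
            port = r[r.index("--dport") + 1] if "--dport" in r[:-1] else None
            if target(r) == "ACCEPT" and port in PROXIED:
                findings.append(f"{chain}: {PROXIED[port]} accepted directly (port {port})")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

An empty result means only that these three checks passed; the remaining criteria still need manual review.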

REVIEW CLASSES OF FIREWALLS USED
(in order of increasing functionality and security)

Protocol converters

Packet filter routers

Integrated systems based on packet filtering

Application and circuit level gateways

Integrated firewall servers

WHERE SHOULD A FIREWALL BE PLACED?

Typically, between the Internet (external network) and the internal network


