23-01-2013, 10:20 AM
Security Technology: Firewalls and VPNs
Introduction
As one of the methods of control that go into a well-planned information security
program, technical controls are essential in enforcing policy for many IT functions that
do not involve direct human control. Networks and computer systems make millions of
decisions every second and operate in ways and at speeds that people cannot control in
real time. Technical control solutions, properly implemented, can improve an
organization’s ability to balance the often conflicting objectives of making information
more readily and widely available against increasing the information’s levels of
confidentiality and integrity.
Physical Design
• The physical design of an information security program is made up of two parts:
security technologies and physical security.
• Physical design extends the logical design of the information security program, which
is found in the information security blueprint and the contingency planning
elements, and makes it ready for implementation.
• Physical design encompasses the selection and implementation of technologies
and processes that mitigate risk from threats to the information assets of an
organization.
Firewalls
• A firewall in an information security program is similar to a building’s firewall in
that it prevents specific types of information from moving between the outside
world, known as the untrusted network (e.g., the Internet), and the inside world,
known as the trusted network.
• The firewall may be a separate computer system, a software service running on an
existing router or server, or a separate network containing a number of supporting
devices.
Firewall Categorization Methods:
• Firewalls can be categorized by processing mode, development era, or structure.
• There are FIVE major processing-mode categories of firewalls: packet filtering
firewalls, application gateways, circuit gateways, MAC layer firewalls and
hybrids. (Hybrid firewalls use a combination of the other three methods, and in
practice, most firewalls fall into this category.)
• Firewalls categorized by which level of technology they employ are identified by
generation, with the later generations being more complex and more recently
developed.
• Firewalls categorized by intended structure are typically divided into categories
including residential- or commercial-grade, hardware-based, software-based, or
appliance-based devices.
Hybrid Firewalls:
Hybrid firewalls combine the elements of other types of firewalls, that is, the
elements of packet filtering and proxy services, or of packet filtering and circuit
gateways. Alternately, a hybrid firewall system may actually consist of two separate
firewall devices: each is a separate firewall system, but they are connected so that
they work in tandem. For example, a hybrid firewall system might include a packet
filtering firewall that is set up to screen requests and pass the acceptable ones
to a proxy server, which in turn requests services from a Web server deep inside the
organization’s networks. An added advantage of the hybrid firewall approach is that it
enables an organization to make a security improvement without completely
replacing its existing firewalls.
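The two-stage arrangement described above (a packet filter screening traffic before an application proxy re-issues acceptable requests to an internal web server) can be modelled in a few dozen lines. The following Python is an added illustration, not code from the attached notes or any firewall product: the rule format, the `Packet` and `Rule` types, the allowed hosts and methods, and every address and sample packet are constructed for this example. It shows the points the text leaves implicit: the packet filter sees only headers and applies a first-match, default-deny rule list, while the proxy stage sees the application payload and makes a separate decision on it.

```python
"""Toy model of a hybrid firewall: a packet-filtering stage in front of an
application-level proxy stage. Constructed illustration only; the rule format,
packet fields, addresses and sample traffic are all made up for this example."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    protocol: str            # "tcp", "udp" or "icmp"
    dst_port: Optional[int]  # None for protocols without ports
    payload: str = ""        # application data; only the proxy stage looks at it


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    src_net: str             # "any" or an IPv4 network in CIDR notation
    protocol: str            # "any" or a protocol name
    dst_port: Optional[int]  # None matches every port

    def matches(self, p: Packet) -> bool:
        """Header-only match: the packet filter never inspects the payload."""
        if self.src_net != "any" and \
                ipaddress.ip_address(p.src_ip) not in ipaddress.ip_network(self.src_net):
            return False
        if self.protocol != "any" and self.protocol != p.protocol:
            return False
        if self.dst_port is not None and self.dst_port != p.dst_port:
            return False
        return True


# Stage 1: packet filter. Rules are evaluated top to bottom, first match wins,
# and anything that matches no rule is dropped (default deny).
PACKET_FILTER = [
    Rule("deny",  "10.0.0.0/8", "any", None),   # internal addresses must not arrive from outside
    Rule("allow", "any",        "tcp", 80),     # web requests go on to the proxy stage
    Rule("allow", "any",        "tcp", 443),
]


def packet_filter(p: Packet, rules=PACKET_FILTER) -> str:
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


# Stage 2: application proxy for port 80. It parses the HTTP request line and
# Host header, and only re-issues safe methods for a known host to the internal
# web server (constructed address standing in for the server "deep inside" the network).
ALLOWED_METHODS = {"GET", "HEAD"}
ALLOWED_HOSTS = {"www.example.com"}
INTERNAL_WEB_SERVER = "192.168.50.10"


def proxy_decision(payload: str) -> str:
    """Return the internal server to forward to, or 'reject' if the request is not acceptable."""
    lines = payload.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] not in ALLOWED_METHODS or not parts[2].startswith("HTTP/"):
        return "reject"
    host = None
    for header in lines[1:]:
        name, sep, value = header.partition(":")
        if sep and name.strip().lower() == "host":
            host = value.strip()
    if host not in ALLOWED_HOSTS:
        return "reject"
    return INTERNAL_WEB_SERVER


def hybrid_firewall(p: Packet) -> str:
    """Combined verdict: 'dropped' by the filter, 'rejected' by the proxy,
    'forwarded:<ip>' for proxied web requests, or 'passed' for allowed non-web traffic."""
    if packet_filter(p) != "allow":
        return "dropped"
    if p.protocol == "tcp" and p.dst_port == 80:
        target = proxy_decision(p.payload)
        return "rejected" if target == "reject" else f"forwarded:{target}"
    return "passed"


# Constructed sample traffic (documentation-range addresses, made up for this example)
SAMPLES = {
    "web_get":  Packet("203.0.113.5", "198.51.100.1", "tcp", 80,
                       "GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    "web_put":  Packet("203.0.113.5", "198.51.100.1", "tcp", 80,
                       "PUT /upload HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    "bad_host": Packet("203.0.113.5", "198.51.100.1", "tcp", 80,
                       "GET / HTTP/1.1\r\nHost: intranet.local\r\n\r\n"),
    "spoofed":  Packet("10.1.2.3", "198.51.100.1", "tcp", 80,
                       "GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    "telnet":   Packet("203.0.113.5", "198.51.100.1", "tcp", 23),
    "https":    Packet("203.0.113.5", "198.51.100.1", "tcp", 443),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:8s} -> {hybrid_firewall(pkt)}")
```

Running the block shows the division of labour: the spoofed and telnet packets never reach the proxy because the header-level rules drop them, the PUT and the unknown-host request pass the packet filter but are refused by the proxy, and only the plain GET for a known host is forwarded to the internal server. The filter's last line is the default-deny behaviour that keeps an unlisted protocol or port from slipping through, which is the property a practitioner should verify first when reviewing a real rule set.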