Networking Explained, Second Edition > Network Security Issues > 35. So which type of firewall is better than the others? - Pg. : Safari Books Online

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

This Book

Networking Explained, Second Edition

Networking Explained, Second Edition

Search

Contents

Ch. 1. Fundamental Concepts of Computer Networks and Networking

Ch. 2. Network Topologies, Architectures, and the OSI Model

Ch. 3. The Internet and TCP/IP

Ch. 4. Physical Layer Concepts

Ch. 5. Data Link Layer Concepts and IEEE Standards

Ch. 6. Network Hardware Components (Layers 1 and 2)

Ch. 7. Internetworks and Network Layer Concepts and Components

Ch. 8. Ethernet, Ethernet, and More Ethernet

Ch. 9. Token Ring

Ch. 10. Fiber Distributed Data Interface (FDDI)

Ch. 11. Integrated Services Digital Network (ISDN)

Ch. 12. Frame Relay

Ch. 13. Switched Multimegabit Data Service (SMDS)

Ch. 14. Asynchronous Transfer Mode (ATM)

Ch. 15. Dialup and Home Networking

Ch. 16. Network Security Issues

1. What is network security?

2. OK, I’ll agree that security is important. Where do I start?

3. So what do I do first?

4. Fine. I think I understand why threat assessment is important. Are there other steps to it?

5. What do you mean by that? Who would threaten my network more than my competition?

6. OK, so now I can’t trust anyone, right?

7. Now that I’m pretty paranoid, what else do I have to worry about to implement network security properly?

8. Can you give me an example of how poor risk analysis can impact a company?

9. What else should I do to understand all the potential threats to my network environment?

10. Sounds interesting. What kinds of things am I trying to simulate?

11. So far, so good. Any final items to consider for the threat assessment part of network security?

12. What’s a common method used to attack a network resource?

13. Really? What is that?

14. Any ideas on how someone might socially engineer themselves into my company?

15. That sounds like you have to have some technical skills. Are there easier ways?

16. Is it hard to find information on how to breach or crack a site?

17. I have heard of a network attack called a denial of service. What is that?

18. Are DOS attacks the same thing as a zombie attack?

19. How do you combat a DDoS attack?

20. Where does something like the ILOVEYOU e-mail worm fit into all of this?

21. I never realized there were so many different types of attacks. Is there anything that can be done to prevent them from occurring on my network?

22. I am beginning to think that a network attack is inevitable. Given this premise, what can I do to be prepared?

23. This all sounds good, but there is no way my company has resources to do this. And even if we did, I doubt if management would authorize it

24. Can you give me some additional examples of how lax security measures can impact a company? We seem to have a problem not only with network security but also with overall system security. I would like to use this information when I discuss network security with my supervisor

25. Are there companies or special targets for security breaches?

26. How do I properly implement network security if the process is so complicated and replete with obstacles?

27. What technology can I implement to help me make my network more secure?

28. What’s a firewall?

29. What types of firewalls are there?

30. Is there a simple way to select a firewall? Isn’t there one vendor that offers all the types of firewalls in one package?

31. How hard is it to set up a firewall, anyway?

32. Can a firewall be defeated by an attacker?

33. When implementing a firewall, do I have worry about other network protocols or just TCP/IP?

34. Yeah, but we made a decision to only use TCP/IP for our protocols. We aren’t multiprotocol, right?

35. So which type of firewall is better than the others?

36. OK, I think I understand firewalls. You also mentioned encryption. What is that?

37. In what ways can cryptography be implemented?

38. Is any of this related to public key infrastructure, otherwise known as PKI?

39. How can I see a certificate? I’d like to know what one looks like

40. This is really interesting. Tell me about DES

41. Yikes! It sounds like we need to either improve DES or replace it

42. Does this mean, then, that Triple DES has replaced DES?

43. What will become of DES and Triple DES?

44. How many possible arrangements of 0s and 1s does AES support and how long will it take to eventually crack AES?

45. Who is permitted to use this algorithm?

46. DES and AES are private key algorithms. Can you give me an example of a public key algorithm?

47. OK. This makes sense. What would really be helpful at this stage is to see a real encryption algorithm. Is it possible for you to demonstrate how one works?

48. Can you give me an example of an application that uses RSA?

49. What if I put a cryptographic product like PGP on my notebook computer so that I can communicate with the office securely? What legal trouble will I get into?

50. I’ve always heard that if something is encrypted, it’s secure. Right?

51. Wait a minute. Are you saying that cryptography comes in different strengths?

52. Which algorithm is best to use for encrypting network traffic?

53. Two words are frequently here in the context of network security are authentication and access control. What do these terms mean?

54. What security mechanisms other than firewalls are there to secure transmissions across the Internet?

55. How do I protect my connection from home to the office with VPNs?

56. Do I need cryptography for VPNs to work?

57. If network security is this complex today, what does the future hold?

End-of-Chapter Commentary

Ch. 17. Network Convergence

Ch. 18. Wireless Networking

Appx. A. Vendor Ethernet/802.3 Prefixes

Appx. B. Using Parity for Single-Bit Error Correction

Appx. C. Guidelines for Installing UTP Cable

Appx. D. Network Design and Analysis Guidelines; Network Politics

URL

Help

35. So which type of firewall is better than the others?

The fact is, each firewall architecture has its merits and drawbacks. Let’s review the features of all major firewall types. Router screening is fast and allows rejection of common errors, cracker attacks, and user strangeness which is part of any network connection. Application filtering firewalls provide extensive application control and monitoring of application behavior. Proxy facilities provide application control and session control between sources and destinations as well as address translation facilities. Stateful firewalls allow technical attacks from breaching a network and provide sophisticated filtering techniques that rival almost any proxy or application gateway. In short, almost all firewall approaches have strengths and weaknesses. In fact, this is a good thing for customers. What is best for the customer is security, implemented for the right reasons and in the most productive manner. This means that the optimal firewall configuration is one that can perform all the various types of rule-based filtering previously described depending on the type of application being used and the best security methodology approach to solve the security problem for the application environment. No single security rule-based approach that has been described can properly address all security issues in a networked environment. Most network security experts will tell you that it is impractical to expect one approach to be useful in all environments. A list of other security features that you might want to consider when evaluating routers or firewalls is given in Table 16.3

Table 16.3. Additional Router-Firewall Security Features to Consider
Feature	Description
Audit Trail	Records all session activities, including source and destination hosts, ports, duration, time stamp, and bytes transmitted.
Authentication Proxy	Authenticates users as being authorized to access a LAN.
Denial of Service (DoS) Detection and Prevention	Examines packet headers and filters those deemed suspicious.
Intrusion Detection	Monitors network traffic for known security breaches, filters out suspect packets, and sends alert notice to management console.
Java Applet Blocking	Filters Java applets from unknown or untrusted sources.
Traffic Filtering	Enables network administrator to specify traffic that is permitted to access the network.
Source: Adapted from Wexler, 2001.

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial