On completing this chapter, you will be able to
Explain the basics of firewalls
Describe the different types of firewalls
Describe some firewall enhancements
Explain firewall placement in a network
This chapter covers a variety of types of firewalls, including devices such as PIX, software solutions such as Check Point, and personal firewalls. The chapter defines firewalls and explores their purpose and use in today's large-scale IP-based networks, where attacks can occur from within and from external sources.Chapter 5, "Security Policies," every network should be based on a sound security policy. The security policy should describe firewalls in detail and, more specifically, the location, placement, and configuration of firewalls in the network, as well as whether the firewall is hardware based, software based, or even PC based.
Network vulnerabilities must be constantly monitored, found, and addressed because they define points in the network that are potential security weak points (or loopholes) that can be exploited by intruders or hackers. All networks are possible targets because an intruder's motivation can be based on a number of factorscash profit; revenge; vandalism; cyber terrorism; the excitement of a challenge; the search for prestige, notoriety, or experience; curiosity; or the desire to learn the tools of trade, just to name a few.
Sometimes the biggest security threat comes from within an organization, in particular from displeased employees who gain access to internal systems by abusing usernames and passwords. Identification of the weak points of the network and, therefore, the placement and configuration of the firewall are extremely important.