Firewalls And Infrastructure Security
...of the two, whose purpose is to enforce a security policy across its connections. It is comparable to a wall that has a window where the wall serves to keep things out, except those permitted through the window. A security policy acts like the glass in the window; it permits some things to pass, light, while blocking others, air. The heart of a firewall is the security policy that it enforces.
Security policies are a series of rules that define what traffic is permissible and what traffic is to be blocked or denied. These are not universal rules, and there are many different sets of rules for a single company with multiple connections. A web server connected to the Internet may be configured only to allow traffic on port 80 for HTTP, and have all other ports blocked. An e-mail server may have only necessary ports for e-mail open, with others blocked. A key to security policies for firewalls is the same as has been seen for other security policies, the principle of least access. Only allow the necessary access for a function, block or deny all unneeded functionality. How an organization deploys its firewalls determines what is needed for security policies for each firewall.
The security topology will determine what network devices are employed at what points in a network. At a minimum, the corporate connection to the Internet should pass through a firewall. This firewall should block all network traffic except that specifically authorized by the security policy. Blocking communications on a port is simple; just tell the firewall to close the port. The issue comes in deciding what services are needed and by whom, and thus which ports should be open and which should be closed. This is what makes a security policy useful.
The perfect security policy is one that the end user never sees and one that never allows even a single unauthorized packet to enter the...
View Full Essay
