08 December 2007

The Firewall

The Firewall is the cornerstone of the Network Security design. In today's networks, a Firewall is a device that divides the network into different Segments (Zones), and controls who is allowed to talk to whom, using which Applications (Services), across those different Zones.

Most enterprise networks have two layers of Firewalls: one at the Gateway - just behind the Gateway Router - and the other in the Data Centre.

The Gateway firewall is also called the Perimeter firewall. Its main task is to control which resources on your local LAN may be accessed from the outside world, normally from the Internet. In the other direction, it controls what your local users are allowed to do when going outside, normally to the Internet. The Data Centre firewall, on the other hand, is intended to protect the resources in your Data Centre - mainly Servers - from the outside as well as from the different Zones in your local network.

Sometimes, people who have a tight budget consolidate the Gateway and the Data Centre firewalls into one firewall. This is also suitable for remote branches and small offices.

Computers in the networking world communicate by sending and receiving packets. Besides the data (payload), each packet carries the source and destination addresses (IP Addresses) of the sender and receiver, as well as the service they are using (Protocol and Port Number). So, if you want to define a rule in your firewall to let user A in the Users Zone connect to the Web Server B in the Data Centre, the rule will contain the address of A in the Source IP field, the address of B in the Destination IP field, and the Web Service (Protocol=TCP, Destination-Port=80) in the Service field.
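To make the rule above concrete, here is a small zone-based policy evaluator, added as an example and not code from the original post or from any firewall vendor. The zone names, address ranges and the addresses of user A and web server B are constructed for illustration. The rule "A in Users may reach B in the Data Centre on TCP/80" is expressed exactly as the post describes it (source IP, destination IP, protocol and destination port), and the evaluator shows why the same packet in the reverse direction, a different user, or a different port is dropped under a default-deny policy.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network, IPv4Network
from typing import List, Optional

# Hypothetical zone layout (constructed for this example). The "Internet"
# zone is a catch-all; zone_of() picks the most specific matching range.
ZONES = {
    "Users":      ip_network("10.1.0.0/16"),
    "DataCentre": ip_network("10.2.0.0/16"),
    "Internet":   ip_network("0.0.0.0/0"),
}


def zone_of(addr: str) -> Optional[str]:
    """Return the name of the most specific zone that contains addr."""
    a = ip_address(addr)
    best = None
    for name, net in ZONES.items():
        if a in net and (best is None or net.prefixlen > ZONES[best].prefixlen):
            best = name
    return best


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    src: IPv4Network          # source host or range
    dst: IPv4Network          # destination host or range
    proto: str                # "tcp", "udp" or "any"
    dport: Optional[int]      # None means any destination port
    action: str               # "allow" or "deny"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int


def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches only when zones, addresses and service all agree."""
    s, d = ip_address(pkt.src), ip_address(pkt.dst)
    return (zone_of(pkt.src) == rule.src_zone
            and zone_of(pkt.dst) == rule.dst_zone
            and s in rule.src and d in rule.dst
            and rule.proto in ("any", pkt.proto)
            and rule.dport in (None, pkt.dport))


def evaluate(policy: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; a packet no rule matches is denied."""
    for rule in policy:
        if matches(rule, pkt):
            return rule.action
    return "deny"


# Constructed policy: user A is 10.1.0.5, web server B is 10.2.0.10.
POLICY = [
    # The rule from the text: A in Users -> B in DataCentre, TCP/80.
    Rule("Users", "DataCentre", ip_network("10.1.0.5/32"),
         ip_network("10.2.0.10/32"), "tcp", 80, "allow"),
    # Perimeter-style rules: the whole Users zone may browse the Internet.
    Rule("Users", "Internet", ip_network("10.1.0.0/16"),
         ip_network("0.0.0.0/0"), "tcp", 80, "allow"),
    Rule("Users", "Internet", ip_network("10.1.0.0/16"),
         ip_network("0.0.0.0/0"), "tcp", 443, "allow"),
]


if __name__ == "__main__":
    samples = [
        Packet("10.1.0.5", "10.2.0.10", "tcp", 80),    # A -> B web: allow
        Packet("10.1.0.5", "10.2.0.10", "tcp", 22),    # A -> B ssh: deny
        Packet("10.2.0.10", "10.1.0.5", "tcp", 80),    # B -> A: deny
        Packet("10.1.0.7", "10.2.0.10", "tcp", 80),    # other user -> B: deny
        Packet("10.1.0.7", "203.0.113.9", "tcp", 443), # user -> Internet: allow
        Packet("10.1.0.7", "203.0.113.9", "udp", 53),  # user -> Internet DNS: deny
    ]
    for p in samples:
        print(f"{p.src:>12} -> {p.dst:<12} {p.proto}/{p.dport:<4} "
              f"[{zone_of(p.src)} -> {zone_of(p.dst)}]  {evaluate(POLICY, p)}")
```

Note that zone membership is derived from the address, so a rule cannot be satisfied by a packet whose addresses fall in the wrong zones even if the IP fields themselves match; and because the policy ends in an implicit deny, only the services you list are ever permitted between two zones.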

It's really funny that a company like McAfee claims to be a Security Vendor while they do not have firewalls in their product portfolio. If I were in their shoes, I would have bought some firewall-only company such as Fortinet, Checkpoint, Stonesoft or even a start-up like Palo Alto Networks.

