Firewalls

Book description

In this book, you will gain extensive hands-on experience installing and configuring a firewall. You will also learn how to allow access to key Web services while maintaining your organization's security, as well as how to implement firewall-to-firewall virtual private networks (VPNs). You will learn how to build a firewall to protect your network, provide access to HTTP and FTP services on the Internet, and implement publicly accessible servers without compromising security. Furthermore, throughout the book, extensive hands-on examples provide you with practical experience in establishing security with firewalls. Examples include, but are not limited to: installing and configuring Check Point FireWall-1; scanning to validate configuration using ISS Internet Scanner; configuring the firewall to support simple and complex Web services; setting up a packet filtering router; enhancing firewall configurations to support split-DNS; authenticating remote users; and protecting browsers and servers with a proxy-based firewall.

· Install and configure proxy-based and stateful-filtering firewalls
· Protect internal IP addresses with NAT and deploy a secure DNS architecture
· Develop an Internet/intranet security policy to protect your organization's systems and data
· Reduce your susceptibility to an attack by deploying firewalls, data encryption and decryption, and other countermeasures

Table of contents

  1. Front Cover
  2. Firewalls Jumpstart for Network and Systems Administrators
  3. Copyright Page
  4. Contents (1/2)
  5. Contents (2/2)
  6. Foreword
  7. Introduction (1/2)
  8. Introduction (2/2)
  9. Acknowledgments
  10. Section I: Overview of Firewall Technology
    1. Chapter 1. Firewalls: What Are They?
      1. 1.1 Chapter objectives
      2. 1.2 Firewall defined
      3. 1.3 Why firewalls?
      4. 1.4 Benefits of firewalls
      5. 1.5 Enhanced privacy
      6. 1.6 Limitations of firewalls
      7. 1.7 Summary
      8. 1.8 References
    2. Chapter 2. Type of Firewall Security Policy
      1. 2.1 Chapter objectives
      2. 2.2 Firewall protection
      3. 2.3 Firewall architectures
      4. 2.4 Types of firewalls
      5. 2.5 Issues
      6. 2.6 Intranet
      7. 2.7 Network trust relationships
      8. 2.8 Virtual private networks
      9. 2.9 Firewall administration
      10. 2.10 Revision/update of firewall policy
      11. 2.11 Examples of service-specific policies
      12. 2.12 Summary
      13. 2.13 References
    3. Chapter 3. Firewall Types
      1. 3.1 Chapter objectives
      2. 3.2 Types of firewalls
      3. 3.3 Understanding firewall types
      4. 3.4 Firewall types drawbacks
      5. 3.5 Summary
      6. 3.6 References
  11. Section II: Firewall Topologies
    1. Chapter 4. Choosing the Right Firewall
      1. 4.1 Chapter objectives
      2. 4.2 Convergence (1/2)
      3. 4.2 Convergence (2/2)
      4. 4.3 About packet inspection (1/4)
      5. 4.3 About packet inspection (2/4)
      6. 4.3 About packet inspection (3/4)
      7. 4.3 About packet inspection (4/4)
      8. 4.4 Summary
    2. Chapter 5. Defense in Depth: Firewall Topologies
      1. 5.1 Chapter objectives
      2. 5.2 Virtual private network
      3. 5.3 Firewall policies
      4. 5.4 Setting up a demilitarized zone: A VPN alternative? (1/2)
      5. 5.4 Setting up a demilitarized zone: A VPN alternative? (2/2)
      6. 5.5 Summary
  12. Section III: Firewall Installation and Configuration
    1. Chapter 6. Installation Preparation
      1. 6.1 Chapter objectives
      2. 6.2 Unbreakable walls
      3. 6.3 Selecting an operating system (1/2)
      4. 6.3 Selecting an operating system (2/2)
      5. 6.4 Scanning for vulnerabilities
      6. 6.5 Summary
    2. Chapter 7. Firewall Configuration
      1. 7.1 Chapter objectives
      2. 7.2 Defining firewall security objects
      3. 7.3 Scanning the firewall and fixing vulnerabilities (1/2)
      4. 7.3 Scanning the firewall and fixing vulnerabilities (2/2)
      5. 7.4 Identifying trusted and untrusted networks
      6. 7.5 Summary
  13. Section IV: Supporting Outgoing Services Through Firewall Configuration
    1. Chapter 8. Simple Policy Implementation
      1. 8.1 Chapter objectives
      2. 8.2 Policy configuration
      3. 8.3 Supporting HTTP
      4. 8.4 Dynamic content
      5. 8.5 Summary
    2. Chapter 9. Complex Web Services Management
      1. 9.1 Chapter objectives
      2. 9.2 Telnet
      3. 9.3 FTP
      4. 9.4 Handling port numbers
      5. 9.5 Deploying Real Audio
      6. 9.6 Summary
    3. Chapter 10. Content Filtering
      1. 10.1 Chapter objectives
      2. 10.2 Filtering out dangerous content
      3. 10.3 Summary
  14. Section V: Secure External Services Provision
    1. Chapter 11. Publicly Accessible Servers Implementation
      1. 11.1 Chapter objectives
      2. 11.2 Securing your organization’s Internet site
      3. 11.3 Separating your Internet site from your intranet
      4. 11.4 Supporting SMTP mail architectures
      5. 11.5 Summary
    2. Chapter 12. Architecture Selection
      1. 12.1 Chapter objectives
      2. 12.2 Types of screened subnet architectures
      3. 12.3 Single-box architecture
      4. 12.4 Summary
    3. Chapter 13. External Servers Protection
      1. 13.1 Chapter objectives
      2. 13.2 Siting external servers on a perimeter net
      3. 13.3 Deploying packet filtering to control access to your servers
      4. 13.4 Router packet filtering
      5. 13.5 Using router access control lists
      6. 13.6 Summary
  15. Section VI: Internal IP Services Protection
    1. Chapter 14. Internal IP Security Threats: Beyond the Firewall
      1. 14.1 Chapter objectives
      2. 14.2 Network threats
      3. 14.3 Organization risk assessment
      4. 14.4 Examining inside attacks
      5. 14.5 Handling new threats
      6. 14.6 Antivirus software technology: Beyond the firewall (1/2)
      7. 14.6 Antivirus software technology: Beyond the firewall (2/2)
      8. 14.7 Summary
      9. 14.8 References
    2. Chapter 15. Network Address Translation Deployment
      1. 15.1 Chapter objectives
      2. 15.2 Person-to-person communication
      3. 15.3 Internet protocol telephony
      4. 15.4 Routers, firewalls, and NATs
      5. 15.5 Handling SIP
      6. 15.6 Firewall traversal/SIP NAT
      7. 15.7 Employing a Linux-based SOHO firewall solution with NAT technology (1/3)
      8. 15.7 Employing a Linux-based SOHO firewall solution with NAT technology (2/3)
      9. 15.7 Employing a Linux-based SOHO firewall solution with NAT technology (3/3)
      10. 15.8 Summary
      11. 15.9 References
  16. Section VII: Firewall Remote Access Configuration
    1. Chapter 16. Privacy and Authentication Technology
      1. 16.1 Chapter objectives
      2. 16.2 Selecting cryptographic algorithms through encryption
      3. 16.3 Key management
      4. 16.4 Auditing, authentication, and authorization
      5. 16.5 High availability and load balancing
      6. 16.6 Transport and network
      7. 16.7 Encryption of multiple columns: database considerations
      8. 16.8 Summary
      9. 16.9 References
    2. Chapter 17. Tunneling: Firewall-to-Firewall
      1. 17.1 Chapter objectives
      2. 17.2 Increasing risk on extranets and intranets
      3. 17.3 Openness with protection of firewall tunneling and Internet security solutions
      4. 17.4 Firewall tunneling and Internet security architecture technologies
      5. 17.5 Firewall tunneling technologies
      6. 17.6 Demilitarized zone focus
      7. 17.7 Keeping the firewall tunneling security rules up-to-date through enterprise intranets
      8. 17.8 Summary
      9. 17.9 References
  17. Section VIII: Firewall Management
    1. Chapter 18. Auditing and Logging
      1. 18.1 Chapter objectives
      2. 18.2 Auditing your firewall
      3. 18.3 Logging (1/2)
      4. 18.3 Logging (2/2)
      5. 18.4 Summary
      6. 18.5 References
    2. Chapter 19. Firewall Administration
      1. 19.1 Chapter objectives
      2. 19.2 System administration
      3. 19.3 Managing your firewall remotely
      4. 19.4 Maintenance of a firewall
      5. 19.5 Managing firewall security
      6. 19.6 Summary
      7. 19.7 References
    3. Chapter 20. Summary, Conclusions, and Recommendations
      1. 20.1 Chapter objectives
      2. 20.2 Summary
      3. 20.3 Conclusions
      4. 20.4 Recommendations (1/2)
      5. 20.4 Recommendations (2/2)
      6. 20.5 References
  18. Section IX: Appendixes
    1. A. Contributors of Firewall Software (1/2)
    2. A. Contributors of Firewall Software (2/2)
    3. B. Worldwide Survey of Firewall Products
    4. C. Firewall Companies
    5. D. Commercial Products or Consultants Who Sell or Service Firewalls (1/2)
    6. D. Commercial Products or Consultants Who Sell or Service Firewalls (2/2)
    7. E. Establishing Your Organization’s Security
    8. F. Network Interconnections: A Major Point of Vulnerability
    9. G. Deterring Masqueraders and Ensuring Authenticity (1/2)
    10. G. Deterring Masqueraders and Ensuring Authenticity (2/2)
    11. H. Preventing Eavesdropping to Protect Your Privacy
    12. I. Thwarting Counterfeiters and Forgery to Retain Integrity Through a Reverse Firewall (1/2)
    13. I. Thwarting Counterfeiters and Forgery to Retain Integrity Through a Reverse Firewall (2/2)
    14. J. Avoiding Disruption of Service to Maintain Availability
    15. K. Developing Your Firewall Security Policy
  19. Glossary (1/2)
  20. Glossary (2/2)
  21. Index (1/3)
  22. Index (2/3)
  23. Index (3/3)

Product information

  • Title: Firewalls
  • Author(s): John R. Vacca, Scott Ellis
  • Release date: December 2004
  • Publisher(s): Digital Press
  • ISBN: 9780080491325