Firewalls

A firewall system is a popular way to provide network security. The term firewall implies protection from danger, and just as the firewall in your car protects the passengers’ compartment from the car’s engine, a firewall computer system protects your network from the outside world. A firewall computer provides strict access control between your systems and the outside world.

The concept of a firewall is quite simple. A firewall is a choke point through which all traffic between a secured network and an unsecured network must pass. In practice, it is usually a choke point between an enterprise network and the Internet. Creating a single point through which all traffic must pass allows the traffic to be more easily monitored and controlled, and allows security expertise to be concentrated on that single point.
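A way to test the choke-point property on a network map, as an added example that is not from the book: the firewall is a true choke point only if no protected host can still reach the outside network once the firewall node is taken out of the map. The topology, the host names and the `bypass_paths` function are constructed for illustration.

```python
from collections import deque

def bypass_paths(links, firewall, outside, protected):
    """Return {host: path to outside} for each protected host that can reach
    `outside` without crossing `firewall`. An empty dict means every path
    goes through the firewall, i.e. it really is the single choke point."""
    adjacent = {}
    for a, b in links:
        adjacent.setdefault(a, set()).add(b)
        adjacent.setdefault(b, set()).add(a)

    # Breadth-first search from the outside network, refusing to enter the
    # firewall node. Anything reached this way has a route around it.
    parent = {outside: None}
    queue = deque([outside])
    while queue:
        node = queue.popleft()
        for neighbour in sorted(adjacent.get(node, ())):
            if neighbour == firewall or neighbour in parent:
                continue
            parent[neighbour] = node
            queue.append(neighbour)

    found = {}
    for host in sorted(protected):
        if host in parent:
            path, node = [], host
            while node is not None:      # walk back toward the outside
                path.append(node)
                node = parent[node]
            found[host] = path
    return found

# Constructed sample topology: every link is an undirected connection.
SECURE_LINKS = [
    ("internet", "border-router"), ("border-router", "firewall"),
    ("firewall", "lan-switch"), ("lan-switch", "fileserver"),
    ("lan-switch", "workstation"),
]
# Same network plus one constructed uplink that does not pass the firewall.
BYPASS_LINKS = SECURE_LINKS + [("workstation", "internet")]
PROTECTED = {"lan-switch", "fileserver", "workstation"}

if __name__ == "__main__":
    print(bypass_paths(SECURE_LINKS, "firewall", "internet", PROTECTED))
    for host, path in bypass_paths(BYPASS_LINKS, "firewall", "internet", PROTECTED).items():
        print(host, "->", " -> ".join(path[1:]))
```

With the extra uplink present, every protected host is reported, because one unfiltered connection exposes the whole segment behind it.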

With a firewall in place, an intruder should not be able to mount a direct attack on any of the systems behind the firewall. The intruder must instead mount an attack directly against the firewall machine. Because the firewall machine can be the target of break-in attacks, it employs very strict security guidelines. But because there is only one firewall versus many machines on the local network, it is easier to enforce strict security at the firewall.

Firewalls are implemented in many ways. In fact, there are so many different types of firewalls that the term is almost meaningless. When someone tells you they have a firewall, you really can’t know exactly what they mean. ...
