EduCheer!

Free Samples and Examples of Essays, Homeworks and any Papers


  • Absolutely free
  • Perfect homeworks
  • Fast relevant search
  • No registration and Anonymous

Firewall policies

Filed Under: Essays

3 pages, 1167 words

Firewall is the in between security device that controls communication between a public network internet and a private network. A firewall can either be a piece of software or hardware. Based on policies laid down according to the organizations, the firewall permits outbound and inbound network traffic. The firewalls have predefined rules which allow access to authorized connections and blocks unauthorized connections. It also provides a log of events pertaining to network traffic which is reviewed by the administrator to detect any anomalies.

Firewalls are commonly used as a perimeter security measure for networks. They safeguard the entry points into the private networks. Their main purpose was to protect the private network from any external threat. In case an intruder was successful in bypassing the firewall he could easily gain access to the internal network systems. Also surveys have reported that organizations need to concentrate equally on internal threats to prevent breach of security. Cyber criminals use sophisticated technology to carry unauthorized intrusions and a single firewall is not enough to contain them.

By following a multilayered approach, also known as defense- in- depth, one can minimize malicious attacks thus securing the cyber infrastructure. Security can be fortified by possessing more than one line of defense. Use of distributed firewall for defense- in- depth philosophy. The primary focus of defense-in-depth strategy is using multiple overlapping security measures. This ensures that even if an attacker has overcome one security measure, he has to face the next level of security to gain access.

4 pages, 1651 words

The Research paper on Deploying Application Firewall in Defense in Depth Principle

Deploying Application Firewall in Defense in Depth Principle Abstract Information security should be a priority for businesses, especially when they are increasingly involved in electronic commerce. With the understanding that securing an operating system successfully requires taking a systematic and comprehensive approach, security practitioners have recommended a layered approach called defense- ...

Rather than deploying a single firewall, a better approach would be to compartmentalize network security and use multiple firewalls to protect internal systems from unauthorized attacks. Different security measures such as content filtering, intrusion detection and internal firewalls constitute a good defense-in-depth plan. The focus of such a plan would however still pay on its implementation of firewall policies. The quality of a good defense-in dept system should encompass the following: A) Restricted access to networks and employee monitoring would be carried out.

b) Information laden crucial servers would be given limited access. c) Use of internal firewalls to monitor the important servers. d) In case a threat arose, it would be on an a local machine rather than involving the complete network. With the use of strong internal firewalls, one can secure the network. Thus an attacker would have to deal with several layers of security to gain access to vital information. If an attacker ends up breaking one layer of security, he will still has to encounter the second layer. An ideal situation to prevent internal threats is to use distributed firewalls.

In this strategy every network has a firewall device to monitor it. A central server would be used to enforce individual firewall policy on each system in the network. Therefore, this centralized approach in the defense-in-depth mechanism, ensures that there exists a security blanket in terms of firewalls over each component of the network. The security of the entire network and servers remains uncompromised even if a single machine falls prey to internal threat. The security infrastructure of information centric organizations can be strengthened by using this layered concept of internal firewalls.

5 pages, 2161 words

The Term Paper on Peer To Peer Network Server Security Client

Peer-to-Peer Networking vs. Network Domains Difference Between network can be based on either a peer-to-peer level or server-based, also referred to as domain-based. To distinguish the difference, a peer-to-peer network, also known as a work group, is a network in which a group of computers are connected together to share resources, such as files, applications, or peripherals. The computers in a ...

To implement the fundamental principle behind defense in depth, multiple networks in organizations to have clear cut defined boundaries. It is much easier to divide a huge network into small sized networks and exercise control over them. Firewall policies Firewall policies are rules governing network traffic between the internet and private network. Access to services are provided by set of rules laid down by the administrator, thus preventing internal networks from viruses attacks and malicious intents. An example of firewall policy is the one which is applied to University of Alberta. Outsiders can access the firewall by using access.

cs. ualberta. ca via the secure shell network protocol. Once the users login, their computer systems is indentified as a trusted system. This status will ensure that all data packets originating from the system are not restricted by the firewall. The status holds true till the user is logged in the firewall. Outbound traffic would be data packets sent from university network to external network and incoming traffic would be packets arriving from external network to university network. The firewall policies laid down by the University for the Security of the intranet is as follows: a) Allow any kind of valid outbound traffic

b) Restrict inbound traffic. c) Accept connections only from trusted machines. d) Reject connections from unknown machines or machines not identified as trusted. e) Allow incoming traffic from TCP port 22. f) Permit incoming of (ICMP)packet types 0,3,8. Block any other packets from entering the intranet. The above said firewall policy measure provides perimeter network security to the university. The complete network has a firewall blanket which will prevent any suspicious data or connection entering the university network. Analysis of how the policies will assist in the mitigation of network attacks.

The login to the firewall of the University of Alberta is via a secure channel. Secure shell protocol deters interception and tinkering of data since it uses encryption while it is being transmitted. All legitimate connections made from the university network in accordance with security guidelines would be allowed. Since only trusted machines. i. e those using ssh protocols are allowed to establish connection with university network, any unauthorized connection from any other IP address will get rejected by the firewall. Packets are allowed inside the network only if they are session related.

1 page, 327 words

The Essay on Implementation Of A Data Classification Policy

One the first steps in implementing an effective security plan is to periodically assess Organizational risks. Identifying and mitigating risk will help in establishing a security management structure and assigning security responsibilities. Without having an understanding of your risk you are unable to determine the proper security policies, procedures, guidelines, and standards to put in place ...

The restriction that only those packets are allowed inside the network if they are connected to the outgoing packets. Connection inside the network can be established by the trusted TCP 22 port further alleviating the security. Only those ICMP packets containing messages such as destination unreachable and connection request are allowed. The policy takes care of protecting the network from unauthenticated intrusion. However there are no restrictions on internal communications within the network which also pose potential threat to security of the systems. Timeout mechanisms also need to be outlined otherwise clogging of firewall may take place

Conclusion Firewalls provide a very needed solution to protect violation of information. However there is an ever growing need to realize that security is a dynamic process. By just formulating and implementing firewall policies is not enough. These policies need to be constantly reviewed as technology keeps changing and so do the threats. By implementing diverse security technologies, organizations can shield themselves better from attack. Thought defense-in-depth is cumbersome to implement, one step forward would be to at least have internal firewalls for systems within the network.

Thus an attacker will have to face the daunting task of finding his way through a layer of security policies. References Achieving Defense-in-Depth with Internal Firewalls. . Retrieved June 12, 2009. http://www. sans. org/reading_room/whitepapers/firewalls/achieving_defenseindepth_with_internal_firewalls_797? show=797. php&cat=firewalls Firewall Policy. Retrieved June 12, 2009 . http://www. cs. ualberta. ca/doc/Policy/firewall. pdf Defence in depth. Retrieved June 12, 2009. http://en. wikipedia. org/wiki/Defense_in_deptha

Similar Papers

Information Security Policy

... the user. Network Security Policy 1 Data network overview Sunica ... Firewall system 1 Packet-filtering router firewall system A packet ... operate properly. 2 Internal, external, and environmental ... accessing systems. 2 Screened host firewall system Firewalls ...

Final Project Information Security Policy

... Information Security Policy • Complete the Network Security Policy and Executive Summary portions of the Information Security Policy. o For the Network Security Policy portion, include the following: • Network access • Network security control ...

The Role of Information Security Policy

... employees Provide a basis for legal defense should a breach occur An effective security policy is a living idea, ever changing ... is a method of controlling how users access and interact with the network. If implemented correctly RBAC allows the user ...

Network Security

... and access points should be considered in the illustration. e. Create and describe a comprehensive security policy for ... considerations. Assumptions should be drawn regarding network usage in relationship to network services and resources. All the ...

The Role of Information Security Policy 2

... compliant with the security policies. For example, the IT staff may install software that blocks access to prohibited ... 2010). Network Network-level security is about securing the network and as such is heavily focused on controlling access through ...

The Role of Information Security Policy 4

... rules, laws, and practices for computer network access” (2013, “Security Policy”). The document regulates how an ... information security policy include: * Minimization of data leak or loss. * Protecting the organization from malicious internal ...

All Papers Are For Research And Reference Purposes Only. You must cite our web site as your source.