YieldTech - Your Linux Solution Partner
Home     Linux     Products & Services     Embedded Linux     Open Source     Corporate Česká verze

 

FIREWALL

The Internet is not only the global computer network, but it becomes a live environment together with potential aggressivity and possible attacks.

Organizations around the world are embracing the Internet and Internet technologies to forge new and profitable business relationships. Firewalls help organizations balance the openness of the Internet with the need to protect the privacy and integrity of sensitive business communications and internal network and data against attacks from the Internet.

What is a firewall?
A firewall is a network security device positioned between two different networks, usually between an organization’s internal, trusted network and the Internet.

What do firewalls do?
A firewall ensures that all communications attempting to cross from one network to the other meet an organization’s security policy. Firewalls track and control communications, deciding whether to allow, reject or encrypt communications. In addition to protecting trusted networks from the Internet, firewalls are increasingly being deployed to protect sensitive portions of local area networks and individual PCs.

Typical firewall implementation:

How do firewalls work?
Historically, three different technologies have been used to implement firewalls: Packet Filters, Application-Layer Gateways and Stateful Inspection.

Packet filters, usually implemented on routers, filter traffic based on packet content, such as IP addresses. They examine a packet at the network layer and are application independent, which allows them to deliver good performance and scalability. They are the least secure type of firewall, however. The reason is that they are not application aware, they cannot understand the context of a given communication, making them easier for hackers to break.

Application gateways improve on security by examining all application layers, bringing context information into the decision process. However, they do this by breaking the client/server model. Every client/server communication requires two connections: one from the client to the firewall (which acts as a "proxy" for the desired server) and one from the firewall to the (actual) server. In addition, every application requires a new proxy, making scalability and support for new applications a problem.

Stateful Inspection provides the highest level of security possible and overcomes the limitations of the previous two approaches by providing full application-layer awareness without breaking the client/server model. Stateful Inspection extracts the state-related information required for security decisions from all application layers and maintains this information in dynamic state tables for evaluating subsequent connection attempts. This provides a solution that is highly secure and offers maximum performance, scalability, and extensibility. The leading product based upon Stateful Inspection is the Check Point FireWall-1, which has become the de facto standard for firewalls.

YieldTech provides the network security solution on the Linux platform based on Linux kernel packet filtering or Firewall-1 from CheckPoint Software Technologies Ltd. and InterScan VirusWall from Trend Micro.

 

 

 Linux firewall HOWTO
 
 IPchains HOWTO
 
 CheckPoint Software Technologies
 
 Trend Micro
 
 Linux firewall survey
 
 ICSA Labs
 
 T.REX Firewall
 

YieldTech Your Linux Solution Partner