Page 167 - DCAP516_COMPUTER_SECURITY
P. 167

Unit 13: Firewalls




                                                                                                Notes
                                   Figure 13.6: Dual Homed Gateway






















                 Example: Application Layer Firewall
          In Figure 13.6, an application layer firewall called a “dual homed gateway’’ is represented. A
          dual homed gateway is a highly secured host that runs proxy software. It has two network
          interfaces, one on each network, and blocks all traffic passing through it.

          The Future of firewalls lies someplace between network layer firewalls and application layer
          firewalls. It is likely that network layer firewalls will become increasingly “aware’’ of the
          information going through them, and application layer firewalls will become increasingly
          “low level’’ and transparent. The end result will be a fast packet-screening system that logs and
          audits data as it passes through. Increasingly, firewalls (network and application layer) incorporate
          encryption so that they may protect traffic passing between them over the Internet. Firewalls
          with end-to-end encryption can be used by organizations with multiple points of Internet
          connectivity to use the Internet as a “private backbone’’ without worrying about their data or
          passwords being sniffed.

          13.3.3 Circuit-Level Firewalls

          These applications, which represent the second-generation of firewall technology, monitor TCP
          handshaking between packets to make sure a session is legitimate. Traffic is filtered based on
          specified session rules and may be restricted to recognized computers only. Circuit-level firewalls
          hide the network itself from the outside, which is useful for denying access to intruders. But they
          don’t filter individual packets.

          13.4 Firewall Configuration

          Today’s Internet is a dangerous place for your computer; there’s just no denying it. A few years
          ago you could happily go about your business on the web without any form of protection, and
          still face only a slim chance of being virus infested, hacked or otherwise interfered with. These
          days it’s practically impossible. There are vast amounts of viruses and malware infections
          moving through the Internet daily, many of which need no prompting or permission to infect
          an unprotected computer.
          To prepare yourself for today’s Internet environment, you need the holy trinity of computer
          security: effective antivirus/anti-spyware software, regular updates and a firewall.






                                           LOVELY PROFESSIONAL UNIVERSITY                                   161
   162   163   164   165   166   167   168   169   170   171   172