Firewalls
We understand the complexity of implementing firewalls. We
have installed and implemented many of the most popular firewalls
including Open BSD, Linux, Raptor, PIX, and of course Check
Point's Firewall-1. We understand the configuration issues
when implementing these firewalls.
Firewalls are often a collection of hardware devices and
software that protect an organization from networks of dissimilar
levels of trust. Firewalls are used for connections to the
Internet or public networks, connections to third party suppliers
and vendors, extranets, and within corporate environments
to limit access to sensitive networks. Firewalls also define
special networks that must be accessible to untrusted networks
and yet separate form internal networks.
Hardware
Hardware must be configured to meet the security requirements
of the organization. Networks need to be defined for DMZ,
external, extranets, and internal segments. The firewall hardware
must also be hardened. Hardening is the process of creating
a secure platform for the firewall. The firewall must provide
sufficient bandwidth capacity and throughput. Other issues
include latency and delay, routing to and from the hosts,
addressing, address translation, name resolution, and other
network services.
Software
Software must be configured to enforce the security policies
of an organization. This includes what to allow, what to monitor,
and what should be blocked. Other configuration options may
include how to deal with malicious activity, dynamically blocked
ports, technical options, address translation, performance
optimization, anti-spoofing, content filtering, and information
leakage.
© 2003 Hudson Business Networks
|
