The Network Security. Org

Make Your Firewall Work for You

I've recently had the opportunity to listen in on a couple of debates regarding firewalls and their utility, as well as their future in the corporate and educational environment.

Now there are two kinds of firewalls ? there is hardware which is most frequently network based, and software firewalls which are generally deployed on local hosts. Network-based firewalls can be considered perimeter or enterprise firewalls since they sit at the gateway to the Internet and inspect packets before allowing ingress or egress. But you know all this already (or you've been pretending that you do).

Network firewalls consist of hundreds and hundreds of rules that packets are matched against to determine if the packet is malicious. This is a good thing. However, if your network carries more traffic than the firewall appliance can handle, it's a bad thing. The appliance usually defaults to ''open'' ? letting traffic through ? rather than ''closed'' ? dropping the un-inspected packets on the floor. The first can be problematic for the security of the network. The second is problematic for the people trying to get work done.

Another problem arises when you have extensive amounts of what might be considered anomalous traffic. This might be anything from JPEGS being uploaded or downloaded (or even viewed in a browser) to plaintext instructions on how to do something that contains URLs of various forms. This type of traffic can be flagged as Web attacks or directory traversal attacks, when they aren't at all. Make Your Firewall Work for You

More News

• Website infection rate triples
  



• How to Use Honeypots to Improve Your Network Security
  



• Microsoft Patch Tuesday Targets 26 Application Flaws
  



• SSL VPNs might not be as secure as you think
  



• 8 tips to filter spam effectively
  



• Onus on IP address owner to prove innocence
  



• How to install an SSH Server in Windows Server 2008.
  



• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware
  



• What Firewalls Do & Donot Do
  



• Symantec fingers D Link for bot attacks
  



• WhiteHat: 90% of Sites Still Vulnerable
  



• Red Hat releases free security code
  



• A new type of Bluetooth security
  



• Dude, where is my perimeter?
  



• Scaring users into IT security
  



• VMware fixes security bugs
  



• The top 10 security land mines
  



• Encrypt volumes through a cross platform GUI with TrueCrypt 5.0