Firewalls: Guidelines And Procedures Essay

3091 words - 13 pages

Firewalls: Guidelines and Procedures

Introduction
Firewalls are devices or programs that control the flow of network traffic between networks or hosts that employ differing security postures. While firewalls are often discussed in the context of Internet connectivity, they may also have applicability in other network environments. For example, many enterprise networks employ firewalls to restrict connectivity to and from the internal networks used to service more sensitive functions, such as accounting or personnel. By employing firewalls to control connectivity to these areas, an organization can prevent unauthorized access to its systems and resources. Inclusion of a proper firewall ...view middle of the document...

The application layer sends and receives data for particular applications, such as Domain Name System [DNS], Hypertext Transfer Protocol [HTTP], and Simple Mail Transfer Protocol (SMTP). The application layer itself has layers of protocols within it. The transport layer provides connection-oriented or connectionless services for transporting application layer services between networks, and can optionally ensure communications reliability. Transmission Control Protocol [TCP] and User Datagram Protocol [UDP] are commonly used transport layer protocols. The IP layer routes packets across networks. Internet Protocol version 4 [IPv4] is the fundamental network layer protocol for TCP/IP. Other commonly used protocols at the network layer are Internet Protocol version 6 [IPv6], ICMP, and Internet Group Management Protocol [IGMP]. The hardware layer handles communications on the physical network components. The best known data link layer protocol is Ethernet (Sourour, Adel, & Tarek, 2009).
Addresses at the data link layer, which are assigned to network interfaces, are referred to as media access control [MAC] addresses. An example of this is an Ethernet address that belongs to an Ethernet card. Firewall policies rarely concern themselves with the data link layer. Addresses at the network layer are referred to as IP addresses. The transport layer identifies specific network applications and communication sessions as opposed to network addresses; a host may have any number of transport layer sessions with other hosts on the same network. The transport layer may also include the notion of ports. A destination port number generally identifies a service listening on the destination host, and a source port usually identifies the port number on the source host that the destination host should reply to. Transport protocols such as TCP and UDP have ports, while other transport protocols do not. The combination of source IP address and port with destination IP address and port helps define the session. The highest layer represents end user applications (Sourour, Adel, & Tarek, 2009).
Firewalls can inspect applications traffic and use it as the basic for policy decisions. Basic firewalls operate on one or a few layers, typically the lower layers, while more advanced firewalls examine all of the layers. Firewalls that examine more layers can perform more granular and thorough examinations. Firewalls that understand the application layer can potentially accommodate advanced applications and protocols and provide services that are user-oriented. For example, a firewall that only handles lower layers cannot usually identify specific users, but a firewall with application layer capabilities can enforce user authentication and log events to specific user (Sourour, Adel, & Tarek, 2009) .
Firewall Technologies
Firewalling is often combined with other technologies, most notably routing. Furthermore, many technologies often associated with firewalls are...

Other Papers Like Firewalls: Guidelines and Procedures

The Seven Domains of a Typical It Infrastructure

556 words - 3 pages firewall, and all this data can be checked for whether it is allowed for transfer. • Two main types of firewalls: network firewalls and host-based firewalls. Network firewalls, such as the software-based Microsoft’s Internet Security and Acceleration (ISA) Server or the hardware-based Nortel Networks Alteon Switched Firewall System, protect the perimeter of a network by watching traffic that enters and leaves. Host-based firewalls, such as

Security Assessment for Aircraft Solutions Essay

2494 words - 10 pages . Microsoft/Technet. Retrieved Nov 14th 2010 from, http://technet.microsoft.com/enus/library/cc700820.aspx#XSLTsection12312112020 Rouse, Margaret. (2002-2012). Tech Target. In Search Security. Retrieved June 28, 2012, from www.searchsecurity.techtarget.com/definition/firewall. Scarfone, K., & Hoffman, P. (2009). Guidelines on Firewalls and Firewall Policy. Gaithersburg: National Institute of Standards and Technology. undefined. (2009

Risk Managment

769 words - 4 pages , guidelines and procedures. • Analyze assets, threats and vulnerabilities, including their impacts and likelihood (See sheet # 1) • Assess physical protection applied to computing equipment and other network components. • Conduct technical and procedural review and analysis of the network architecture, protocols and components to ensure that they are implemented according to the security policies. • Review and check the configuration

Cyberlaw, Regulations and Compliance

1323 words - 6 pages information security. They are technical security, physical security and administrative security. Technical security refers to the various mechanisms and safeguards installed in the organization’s systems, which keep the data secure from any alteration and external breaches. For example IDS/IPS, Next-Generation firewalls, procedures for authentication, anti-spyware, anti-virus etc. Physical security refers to the keeping the network infrastructure safe

Discussion Board

691 words - 3 pages sense of security as it uses an encryption system that is trusted. Chetioui, Orhanou, Hajji, and Lakbabi (2012) write that DNSsec was created to ensure the integrity of DNS data and authentication of the source of such data. This is still gaining popularity in the information systems. Other security postures such as establishing baseline security procedures and creating policies that would have mitigated attacks. References: Chetioui, K., Orhanou, G., Hajji, S. E., & Lakbabi, A. (2012). Security of the DNS Protocol - Implementation and Weaknesses Analyses of DNSSEC. Gondcalves, M. (2000). Firewalls: A Complete Guide. New York: McGraw-Hill.

Denial of Service

716 words - 3 pages DoS/DDoS Prevention This document details guidelines that can be implemented to the school to prevent the recent DDoS attack the school experienced. These guidelines are by no means any requirement, however each will grant an additional layer of security for the current networks and services in production. Implement Policies and procedures An Acceptable Use Policy is a policy that defines what type of actions are allowed to be

Intro to Info Security Project Part 1

750 words - 3 pages Vulnerability Unauthorized access to workstation • Enable password protection on workstations for access. Enable auto screen lockout for inactive time. Unauthorized access to systems, applications, and data • Define strict access control policies, standards, procedures, and guidelines. Implement a second-level test to verify a user’s right to gain access. Account Policies | Password, lockout, and Kerberos settings. | Local Policies

Aircraft Solutions

1867 words - 8 pages . (2008). Retrieved 10 8, 2011, from NDB Advisory: http://www.pciassessment.org/faq-16.php Scarfone, K., & Hoffman, P. (2009). Guidelines on Firewalls and Firewall Policy. Gaithersburg: National Institute of Standards and Technology. Taylor, L. (2001, April 12). Guidelines for configuring your firewall rule-set. Retrieved September 29, 2011, from ZDnet: http://www.zdnet.com/news/guidelines-for-configuring-your-firewall-rule-set/298790 The Cisco

Cmgt400 Week 4 Individual

1359 words - 6 pages employees—and others working for the organization—play in this effort. A principle initiative for information security is the acceptance of responsibility by employees in ensuring standards, policies and procedures for handling company information are followed. To change the attitudes and behaviors of employees, specific guidelines, goals, and initiatives that best fit an organization’s security needs must be developed. This will create a

Top 10 Laws of Security

1706 words - 7 pages Security Policies, Standards, Guidelines and Procedures, in addition to applying suitable and effective level of awareness to deal with information assets in a healthy way. 3 Second Law: Security is must-to-have, not better-to-have decision In the past, security was not matured to be essential since the number of technology specialists was low, and easy to be known. Therefore, most applications were using minimal security measures, and

Legal Issues and Discovery Requests

961 words - 4 pages Legal Issues and Discovery Requests April 13, 2016  Introduction I going to research the FRCP (Federal Rules for Civil Procedures) and e-discovery as they pertain to email. I will also describe the rules governing the situation. I will also discuss how the rules specifically do or do not apply to the situation and make a recommendation of how the company should respond to the discovery request. I will then wrap it up with an overview of

Related Essays

Tda 2.2 1.1 1.1 Identify The Current Legislation, Guidelines, Policies And Procedures For Safeguarding The Welfare Of Children And Young People Including E Safety

740 words - 3 pages 1.1 - Identify the current legislation, guidelines, policies and procedures for safeguarding the welfare of children and young people including e-safety. Policies which safeguard children. Schools must develop a range of policies which ensure the safety, security and well-being of the children. These will set out the responsibilities of staff and the procedures that they must follow. Policies may be separate or together in one health and

It 255 Study Guide Flash Cards Essay

635 words - 3 pages Security Policy A security framework addresses these directives through policies and their supporting elements, such as standards, procedures, baselines, and guidelines.  Data classification standards Helps to determine the appropriate access to classify data.  Configuration control The management of the baseline settings for a system device.  SDLC Design is a primary step  Security

7 Domains Essay

272 words - 2 pages uses software to intercept the data being via the WAN. To prevent this from being a problem for your company you want to use an encryption and VPN tunnels for end-to-end secure IP communications. The administrator should create a data classification standard and the policies, procedures, and guidelines should always be followed. Another way to protect your WAN is to apply filters to your exterior IP stateful firewalls and IP router WAN interfaces to block TCP SYN and ICMP. The network administrator should contact the ISP to put the proper filters on its IP router WAN interfaces in accordance with CERT Advisory CA-1996-21.

Sec571 Course Project Essay

4163 words - 17 pages /publications/nistpubs/800-30/sp800-30.pdf]”. The consequences If this risk becomes real, the company’s data is lost or hijacked, client orders are stolen, budget scheduling and their deposit sections are exposed, and fund transfers get out of hands and create devastation in the company and its clients. Policy vulnerability AS company shows significant weaknesses in its policy that requires all firewalls and routers sets to be