FIREWALLS

      We can help!

      As enterprises grow, their corporate networks usually grow to support the expansion, and security risks grow with them. Expanding your enterprise's Internet and mobile computing infrastructure increases the number of access points to privileged corporate data. Every access point represents a possible vulnerability that may be exploited to gain unauthorized entry into the newly expanded network. Knowing where the access points are, and how they must be configured to protect the enterprise's intellectual, commercial and proprietary assets from hackers, competitors, and electronic vandals, is an essential prerequisite for the enterprise to continue to operate in a safe and productive manner.

      Typically, the first line of technical defense within the enterprise is to protect access to and from the Internet with a firewall. This places a barrier between the corporate network and the outside, thus securing the perimeter and repelling hackers. Each firewall acts as a single point of entry, where all traffic coming into the network can be audited, authorized and authenticated. Based on the rules used to configure it, the firewall will alert you to any suspicious activity.

      Common Types of Firewalls
      Firewall technology has changed over the past few years, so whether an enterprise needs to replace an existing firewall, or is installing one for the first time, the enterprise needs to be up-to-date on what's available today and what the specific security requirements are for the various types of firewalls.

      Each kind of firewall offers a different degree of security and flexibility based on how each firewall type deals with network traffic. Below you will find an overview of some basic types of firewalls. Discover what each type has to offer:

      1. Router. A simple router is an inexpensive form of protection. However, a router is not a very comprehensive form of protection, and lacks the level of flexibility and features that a full-security enterprise firewall provides. A simple router is the "traditional" network layer firewall, and it is not able to make particularly sophisticated decisions about who a packet is actually talking to or where it actually comes from.
      2. Packet filter. A packet filter is a very simple type of firewall. Often, packet filters are located on routers, and most major router vendors supply packet filters as part of the default distribution. The firewall examines each packet based on source and destination IP addresses as well as source and destination TCP/UDP ports, and accepts or rejects it based on basic user-defined rules.
      3. Stateful packet systems. Stateful packet firewalls (sometimes called smart packet filters) control network traffic using a method similar to that of packet filters, but go beyond them to examine the context of data packet streams rather than just filtering them. Stateful packet firewalls make access decisions based on the source and destination IP addresses and ports and the service requested by the packet. These firewalls are called "stateful" because they can remember prior connection states and, as a result, build a context for each data stream in memory. The firewall evaluates each new packet it receives against the current connection context to determine whether it starts a new connection or continues an existing session. In the latter case, the amount of processing the firewall performs in checking the packet is substantially less than for a new connection.

        These firewalls at the network layer tend to be fast and the users will probably not even realize that the checks are taking place, but this simplicity leads to the filter's biggest drawback: one user on a machine cannot be securely distinguished from another on the same machine since no packet filter firewalls (stateful or otherwise) support user authentication by default. User authentication requires the addition of an authentication application proxy.

      4. Application proxy. An application-level proxy is a software program running on the firewall that imitates both ends of a network connection. Each computer communicates with the other by forcing all network traffic through the proxy program, so the data can be examined and connections can be authorized, effectively isolating the local network from the Internet while scrutinizing the data. The proxy program evaluates data sent from the client and decides which to pass on and which to drop.

        Each different application has its own proxy program that emulates the application's protocol (FTP, HTTP, SMTP, etc.). As application-level firewalls do not allow traffic to pass directly between networks, detailed logging and auditing of traffic passing through the firewalls can be done. The "virtual connection" created by the application-level firewall automatically hides the internal client IP address and conceals the arrangement of the internal network from outsiders.
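
The difference between the packet filter (item 2) and the stateful packet firewall (item 3), as an added example that is not part of the original page. It is a Python model in which the addresses, the 10.0.0.0/24 LAN range, the outbound-HTTPS-only policy and all function and class names are constructed for illustration.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

# Constructed packet model: 5-tuple plus direction ("out" = leaving the LAN).
Packet = namedtuple("Packet", "direction proto src sport dst dport")
LAN = ip_network("10.0.0.0/24")          # assumed internal range

def stateless_filter(pkt):
    """Packet filter: each packet is judged alone, on addresses and ports."""
    if pkt.proto != "tcp":
        return "drop"
    if pkt.direction == "out" and ip_address(pkt.src) in LAN and pkt.dport == 443:
        return "accept"
    # Replies need a static rule: anything *from* port 443 to a LAN host's
    # ephemeral port is assumed to be a reply, whether or not one was requested.
    if (pkt.direction == "in" and pkt.sport == 443
            and ip_address(pkt.dst) in LAN and pkt.dport >= 1024):
        return "accept"
    return "drop"

class StatefulFilter:
    """Stateful filter: remembers the connections it has allowed."""
    def __init__(self):
        self.connections = set()      # context held in memory per data stream

    def check(self, pkt):
        if pkt.proto != "tcp":
            return "drop"
        if pkt.direction == "out":
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if key in self.connections:
                return "accept"                    # fast path: existing session
            if ip_address(pkt.src) in LAN and pkt.dport == 443:
                self.connections.add(key)          # new connection: full rule check
                return "accept"
            return "drop"
        # Inbound: accept only the mirror image of a recorded connection.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "accept" if key in self.connections else "drop"

def demo():
    fw = StatefulFilter()
    syn = Packet("out", "tcp", "10.0.0.5", 50000, "203.0.113.10", 443)
    reply = Packet("in", "tcp", "203.0.113.10", 443, "10.0.0.5", 50000)
    unsolicited = Packet("in", "tcp", "198.51.100.7", 443, "10.0.0.5", 3389)
    results = {}
    for name, pkt in [("syn", syn), ("reply", reply), ("unsolicited", unsolicited)]:
        results[name] = (stateless_filter(pkt), fw.check(pkt))
    return results
```

`demo()` returns a (stateless, stateful) verdict pair per packet: both filters pass the outbound request and its reply, but only the stateful filter drops the inbound packet that carries source port 443 without belonging to any recorded connection.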

      The industry-leading Cisco PIX 500 Series Firewall provides today's networking customers with unmatched security, reliability, and performance. The integrated hardware and software Cisco PIX Firewall package delivers full stateful firewall protection and IP Security (IPsec) virtual private networking (VPN) capabilities, allowing you to rigorously protect your internal network from outside intrusions.

      Unlike typical CPU-intensive full-time proxy servers, Cisco PIX Firewalls use a non-UNIX, secure, real-time, embedded system. Its tradition of flexibility and scalability, combined with a wide selection of platforms and features, allows the Cisco PIX Firewall to meet the entire range of customer requirements.
