WOUGNET - Women of Uganda Network


Firewalls: Advanced

Prepared by Craig Knott

This article is designed to introduce you to the term "firewall". WOUGNET members are advised to read through Part I first, as it provides a much simpler introduction to firewalls and what they are.

This second part has been composed for the more advanced computer users among you. In particular, it will look at the more expensive programs used by large businesses and firms across the globe. If you are an IT administrator or part of a small company, you may wish to go straight on to this second part.

In case of any queries or requests for tips, please write to techtips@wougnet.org.

FIREWALLS: ADVANCED

A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users on other networks. An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and to control what outside resources its own users have access to.

Basically, a firewall examines each network packet to determine whether to forward it toward its destination. A firewall also includes or works with a proxy server that makes network requests on behalf of workstation users. A firewall is often installed in a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources.

There are a number of firewall screening methods. A simple one is to screen requests to make sure they come from acceptable (previously identified) domain names and Internet Protocol (IP) addresses.

A number of companies make firewall products. Features include logging and reporting, automatic alarms at given thresholds of attack, and a graphical user interface for controlling the firewall.

THE USE OF FIREWALLS WITHIN BUSINESS

It is interesting to note that electronic computers came into being for the purpose of stealing data. Alan Turing's Enigma machine, recognised as the first electronic computer, was used to crack the German Navy's encryption codes during WWII. It's hardly surprising then that computers should present a potential threat to data security today.

Although hackers are a danger to the home PC user, the problem today's hackers present to businesses is a lot more worrying. The prospect of emerging electronic commerce has left businesses on the horns of a dilemma - trade over the Internet and risk attack from hackers and data thieves, or continue to trade by conventional means and lose competitive advantage to more technologically minded entrepreneurs.

A recent survey of the top 3,000 UK businesses by Internet consultancy firm JCP shows that 77 per cent of the businesses surveyed are concerned about the security of electronic payment over the Internet.

Before firewalls and similar Internet security systems are discussed, it's worth considering what needs to be protected. For most businesses, the first thing that springs to mind is confidential or proprietary data (trade secrets), which may include research and development on a new product or, internally, personnel files and salary data. Anyone with access to this information can sell it to competitors, who will use it to steal a product development lead or poach key staff.

Second, the business is at risk from individuals who disrupt the service of the network, whether intentionally or not. The unintentional disruptor may accidentally introduce a virus into the network, which will lock up a PC or server. The intentional one may bombard a server with incoming messages or connection requests that lock it up by occupying the processor, rendering the hardware useless.

Finally, and probably most importantly for anyone thinking of using the Internet for trade, electronic transactions of all kinds are vulnerable to interception and corruption. Not only are financial transactions at risk; it's also quite possible to analyse the patterns of a company's incoming and outgoing email traffic and use the information to predict future alliances, mergers, takeovers and contract wins.

TWO TYPES

There are two basic types of firewalls: packet-filters and proxy servers. Some other sources define more categories, but these are the basic two. Many commercial firewall products are hybrids of these two types.

A packet-filter firewall does just what the name implies. It blocks access through the firewall to any packets that try to reach ports that have been declared "off-limits". Some versions allow you to specify that only packets from specific IP addresses can pass to particular ports. Others allow all except specific IP addresses. But regardless of the method, they are all trying to block access based on some set of rules.

The proxy server (also known as an "application gateway") type of firewall attempts to hide the configuration of the network behind the firewall by acting on behalf of that network, or as a "proxy". All requests for access are translated at the firewall so that all packets are sent to and from the firewall, rather than from the hosts behind it. These firewalls also allow various access control rules to be enforced. The major difference between these and packet filters is that packet filters operate on individual packets, whereas proxy servers must be aware of the entire session.

You will also hear the term "stateful inspection" with regard to firewalls. With this feature, the firewall remembers which outgoing requests have been sent and allows only the responses to those requests back through. This way, attempts to access the internal network that were not requested from inside the internal network will be denied. Either type of firewall can use stateful inspection.
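As an added illustration that is not part of the original article, the following Python model combines the two ideas above: a packet-filter rule table (allow by source address and port, deny everything else) and stateful inspection that lets inbound packets through only when they answer a recorded outgoing request. The rule table, hosts and ports are constructed example values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" = arriving from the Internet, "out" = leaving the private network
    src: str
    sport: int
    dst: str
    dport: int

# Constructed rule table (direction, source network, destination port or None, action), first match wins
RULES = [
    ("in", "203.0.113.0/24", 25, "allow"),  # mail accepted only from a known partner network
    ("in", "0.0.0.0/0", 80, "allow"),       # anyone may reach the public web server
    ("in", "0.0.0.0/0", None, "deny"),      # every other inbound port is off-limits
    ("out", "0.0.0.0/0", None, "allow"),    # internal users may make any outgoing request
]

class StatefulPacketFilter:
    def __init__(self, rules):
        self.rules = rules
        self.sessions = set()  # (internal host, internal port, external host, external port)

    def evaluate(self, pkt):
        # Stateful inspection: an inbound packet answering a recorded outgoing request is
        # let back in; everything else must pass the static rules.
        if pkt.direction == "in" and (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.sessions:
            return "allow"
        for direction, net, port, action in self.rules:
            if (direction != pkt.direction or ip_address(pkt.src) not in ip_network(net)
                    or (port is not None and port != pkt.dport)):
                continue
            if action == "allow" and pkt.direction == "out":
                self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))  # remember the request
            return action
        return "deny"  # default deny when no rule matches

def demo():
    fw = StatefulPacketFilter(RULES)
    trace = [
        Packet("in", "203.0.113.7", 40000, "10.0.0.5", 25),      # partner mail -> allow
        Packet("in", "198.51.100.9", 40001, "10.0.0.5", 25),     # unknown sender to mail -> deny
        Packet("in", "198.51.100.9", 40002, "10.0.0.8", 80),     # public web -> allow
        Packet("out", "10.0.0.21", 51000, "198.51.100.9", 443),  # internal user browses out -> allow
        Packet("in", "198.51.100.9", 443, "10.0.0.21", 51000),   # reply to that request -> allow
        Packet("in", "198.51.100.9", 443, "10.0.0.22", 51000),   # unsolicited look-alike -> deny
    ]
    return [fw.evaluate(p) for p in trace]
```

Note that the last packet is denied only because no matching outgoing request was recorded; a plain packet filter with no session memory would have to choose between blocking all such replies and opening the port to everyone.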

Regardless of which type of firewall is used, someone has to configure it to make it work properly. The rules for access must be defined and entered into the firewall for enforcement. A security manager is usually responsible for the firewall configuration. How the policy that the rules enforce is decided is an internal matter for the owner of the internal network.

The above is a greatly simplified introduction to firewalls. A good reference book to learn more would be Building Internet Firewalls, Second Edition by Elizabeth D. Zwicky, Simon Cooper and D. Brent Chapman (Published by O'Reilly & Associates; Second Edition June 2000; 894 Pages; ISBN 1-56592-871-7).



Featured on WOUGNET mailing list: December-28, 2003