You may have even been assigned to implement or reassess a firewall design. In either case, you need to be familiar with the most common firewall configurations and how they can increase security. In this article, I will introduce you to some common firewall configurations and some best practices for designing a secure network topology. I have also put together a free download that includes Visio diagrams of all the topology examples used in this article.
Setting up a firewall security strategy
At its most basic level, a firewall is some sort of hardware or software that filters traffic between your company's network and the Internet. With the large number of hackers roaming the Internet today and the ease of downloading hacking tools, every network should have a security policy that includes a firewall design.
If your manager is pressuring you to make sure that you have a strong firewall in place and to generally beef up network security, what is your next move? Your strategy should be twofold:
- Examine your network and take account of existing security mechanisms (routers with access lists, intrusion detection, etc.) as part of a firewall and security plan.
- Make sure that you have a dedicated firewall solution by purchasing new equipment and/or software or upgrading your current systems.
Keep in mind that a good firewall topology involves more than simply filtering network traffic. It should include:
- A solid security policy.
- Traffic checkpoints.
- Activity logging.
- Limiting exposure to your internal network.
Before purchasing or upgrading your dedicated firewall, you should have a solid security policy in place. A firewall enforces your security policy, and having that policy documented means fewer open questions when you configure the firewall to reflect it. Any change made to the firewall should also be recorded in the security policy.
One of the best features of a well-designed firewall is the ability to funnel traffic through checkpoints. When you configure your firewall to force traffic (outbound and inbound) through specific points in your firewall, you can easily monitor your logs for normal and suspicious activity.
How do you monitor your firewall once you have a security policy and checkpoints configured? By using alarms and enabling logging on your firewall, you can easily monitor all authorised and unauthorised access to your network. You can even purchase third-party utilities to help filter out the messages you don't need.
It's also a good practice to hide your internal network address scheme from the outside world. It is never wise to let the outside world know the layout of your network.
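The log monitoring described above, as an added example that is not part of the original article: a Python log review that totals permitted and denied traffic at a checkpoint, flags sources with repeated inbound denies, and flags outbound packets on the external interface that still carry an RFC 1918 source address. The key=value log format, the field names, the interface name `outside` and the alert threshold are assumptions constructed for illustration, not the output of any particular firewall product.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample log lines in a hypothetical key=value format
# (not the output format of any particular firewall product).
SAMPLE_LOG = """\
action=permit dir=in if=outside src=203.0.113.7 dst=198.51.100.10 dport=443
action=deny dir=in if=outside src=203.0.113.50 dst=198.51.100.10 dport=23
action=deny dir=in if=outside src=203.0.113.50 dst=198.51.100.10 dport=3389
action=deny dir=in if=outside src=203.0.113.50 dst=198.51.100.11 dport=445
action=permit dir=out if=outside src=198.51.100.1 dst=192.0.2.80 dport=80
action=permit dir=out if=outside src=10.1.4.22 dst=192.0.2.80 dport=80
this line is malformed and should be counted, not crash the parser
"""

FIELD = re.compile(r"(\w+)=(\S+)")
REQUIRED = {"action", "dir", "if", "src", "dst", "dport"}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
DENY_THRESHOLD = 3  # assumed alert threshold; tune to your own policy

def review(log_text, external_if="outside"):
    """Summarise checkpoint logs: totals, noisy denied sources, address leaks."""
    totals, denied_by_src = Counter(), Counter()
    leaks, malformed = [], 0
    for line in log_text.splitlines():
        rec = dict(FIELD.findall(line))
        if not REQUIRED.issubset(rec):
            malformed += 1
            continue
        try:
            src = ipaddress.ip_address(rec["src"])
        except ValueError:
            malformed += 1
            continue
        totals[rec["action"]] += 1
        if rec["action"] == "deny" and rec["dir"] == "in":
            denied_by_src[str(src)] += 1
        # Outbound traffic on the external interface should carry a translated
        # address; an RFC 1918 source here exposes the internal address scheme.
        if rec["dir"] == "out" and rec["if"] == external_if and any(src in n for n in RFC1918):
            leaks.append(line)
    alerts = sorted(s for s, n in denied_by_src.items() if n >= DENY_THRESHOLD)
    return {"totals": dict(totals), "alerts": alerts,
            "leaks": leaks, "malformed": malformed}

if __name__ == "__main__":
    print(review(SAMPLE_LOG))
```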

Hello,
I am starting to hear a lot about NetScreen & via the web NetScreen features alongside Cisco PIX.
Can you run something to update readers about NetScreen, perhaps run an unbiased feature on NetScreen versus other firewalls with VPN, etc.?
Many thanks,
Josephine