CACIHealth

Firewalls: A Primer

A firewall is a process that filters all traffic between a protected or "inside" network and a less trustworthy or "outside" network. Firewalls implement a security policy. A firewall is a gateway through which all traffic to and from a protected network passes.

The term firewall is used rather loosely; three different things are known as firewalls:

  1. Screening routers
  2. Proxy gateways/servers
  3. Guards

Screening routers tend to implement a simplistic security policy. Proxy gateways have a richer set of choices for security policy. A guard is a sophisticated proxy firewall. Guards decide what services to perform on a user's behalf.
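
The difference between the first two types, shown as an added example that is not part of the original page: a screening router decides from packet header fields alone, while a proxy gateway also interprets the application protocol. The addresses, the rule set, the SMTP command allow-list and the assumption that all packets arrive on the outside interface are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("192.0.2.0/24")        # constructed "inside" network
MAIL_HOST = ip_network("192.0.2.25/32")    # constructed inside mail server
ANY = ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    payload: bytes = b""

# Screening-router policy: ordered (source net, destination net, port, action).
# First match wins; a port of None matches any port.
RULES = [
    (INSIDE, ANY, None, "deny"),      # inside source seen on the outside: spoofed
    (ANY, MAIL_HOST, 25, "permit"),   # mail may reach the mail host only
]

def screening_router(pkt):
    """Decide from header fields only: addresses and destination port."""
    for src_net, dst_net, port, action in RULES:
        if (ip_address(pkt.src) in src_net and ip_address(pkt.dst) in dst_net
                and port in (None, pkt.dport)):
            return action
    return "deny"                     # default deny for anything unmatched

# Assumed application policy: the SMTP commands the proxy will relay inward.
ALLOWED_SMTP = {b"HELO", b"EHLO", b"MAIL", b"RCPT", b"DATA", b"RSET", b"QUIT"}

def proxy_gateway(pkt):
    """Apply the header policy, then inspect the application-layer command."""
    if screening_router(pkt) != "permit":
        return "deny"
    verb = pkt.payload.split(None, 1)[0].upper() if pkt.payload.strip() else b""
    return "permit" if verb in ALLOWED_SMTP else "deny"

# Constructed sample traffic arriving from the outside network.
SAMPLES = [
    Packet("203.0.113.7", "192.0.2.25", 25, b"MAIL FROM:<a@example.org>\r\n"),
    Packet("203.0.113.7", "192.0.2.25", 25, b"VRFY root\r\n"),
    Packet("192.0.2.9", "192.0.2.25", 25, b"HELO inside\r\n"),
    Packet("203.0.113.7", "192.0.2.25", 23, b""),
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p.src, p.dport, p.payload, screening_router(p), proxy_gateway(p))
```

The second sample passes the screening router because its headers are acceptable, but the proxy gateway refuses it because the command is not in its policy.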

Firewall architectures can operate at the application layer, transport layer or network layer of the OSI model. Firewalls are not complete solutions to all computer security problems. They protect the perimeter of the environment against attacks. If one inside host connects to an outside address by a modem, the entire inside net is vulnerable through the modem and its host.

Firewalls do not protect data outside the perimeter. Data that has passed through the firewall is just as exposed as if there were no firewall. Firewalls are the most visible part of an installation to the outside and they are the most attractive target for attack.

Firewalls are targets for penetrators. Firewalls should be kept small and simple, running only the required software so that if a penetrator does get through, the firewall does not have further tools such as compilers, linkers or loaders to continue the attack.

Firewalls exercise only minor control over the content admitted to the inside. Inaccurate data or malicious code must be controlled inside the perimeter.

Summary

Firewalls are very important tools in protecting an environment connected to a network. The environment must be viewed as a whole - all possible exposures must be considered. Firewalls must fit into a larger comprehensive security strategy. They alone cannot secure an environment.

Firewalls can protect against common attacks, such as denial of service, security breaches or configuration changes. They can provide alerts via email, pager or network management alarms. Firewalls also provide extensive logging and audit trails.

Dede Schultz, Communications Systems Division VP, Technology Services
