1. Internet Security: FIREWALLS and BEYOND.
- Author
-
Oppliger, Rolf
- Subjects
- *
INTERNET security , *FIREWALLS (Computer security) , *COMPUTER network protocols , *NETWORK routers , *COMPUTER network security , *TCP/IP - Abstract
This article discusses firewall technology and the security protocols that have been proposed for the Internet, transport and application layer. A firewall builds a blockade between an internal network that is assumed to be secure and trusted, and another network, usually an external (inter)network, such as the Internet, that is not assumed to be secure and trusted. The general reasoning behind firewall usage is that without a firewall, a network's systems are more exposed to inherently insecure Internet protocols and corresponding services, such as probes and attacks from hosts elsewhere on the Internet. A firewall system usually consists of screening routers and proxy servers. A screening router is a multiported IP router that applies a set of rules to each incoming IP packet and decides whether it is to be forwarded on or not. A proxy server is a server process running on a firewall system to perform a specific TCP/IP function as a proxy on behalf of the network users. Firewall advocates consider firewalls as important additional safeguards because they aggregate security functions in a single point, simplifying installation, configuration and management.
- Published
- 1997
- Full Text
- View/download PDF