Protecting your LAN is no longer Optional

By Expert Author: Sandra Prior
Submitted: 2008-06-02 | Word Count: 1526 words
The ever-increasing threat presented by viruses and crackers necessitates a hard-line approach to controlling access to your data.

Your LAN is one of your most precious assets. In fact, all the information on it and all the information that passes through it can be thought of as the blood of your company. Not too long ago, your only method of protecting it was to make sure that any disks brought into the company weren’t infected with viruses and to ensure that any disks leaving the company were safeguarded against your competitors.

Then came the Internet – a vast resource and an excellent medium for trading and communicating – and with it a populace of competitors, brazen crackers and people who enjoyed defacing property. Now that you’re connected, there’s a whole new game to play – a game that involves controlling who accesses what data. In short, you’re looking at firewalls. So what exactly is a firewall and why do you need one?

The main function of a firewall is to keep out all the vandals and pirates while you get your work done. Quite simply, it is a system that enforces an access control policy between two networks, most notably the Internet and your LAN. Most companies, particularly large ones, should already have some sort of security in place. And if those organizations are connected to the Internet, then a firewall should be functioning as an important aspect of that security policy as a whole.

Although many companies considering Internet access are concerned about the violation of data and decreased employee productivity, there are ways to prevent this. And a firewall, developed as it is around the concept of filtering your Internet traffic, is the best way to do this.

A firewall probably is best described as a two-way filtering system that controls which resources are permitted on your network and which are denied. For instance, you may not want to block external access to your web server where you perform advertising tasks and online commerce, and you probably don’t want to block email as a resource. But, you do want to prevent unauthorized interactive logins from outside, and you may well want to prevent people on your network from browsing pornographic and gaming sites. Ultimately, your firewall controls the traffic coming in and the traffic going out.

In addition to that, your firewall provides you with an auditing tool, by which you can monitor all the traffic moving in and out of your network. The firewall should be able to provide the administrator with summaries of data, including information such as the number of break-in attempts and where they appear to come from. Essentially, your firewall is the last outpost on your network, and should anything go wrong, you should simply be able to pull the power and stop all network traffic between your LAN and the outside world.

The Ground Work

While all this may sound very neat and easy to implement, there are a number of considerations that should be taken into account before you kill the budget on a package that isn’t really designed to meet your needs. Among these are your firewall objectives, which will help clarify what you need and how much you’re willing to spend to meet that need.

The first thing you need to do is to outline your level of paranoia. Are you going to permit only mission critical Internet connections and deny all other services, or are you looking for a method of auditing and monitoring your connections? This should be seen as a method of establishing the risk factor involved in giving your LAN Internet connectivity. Once you have established this, you’re in a position to draw up an implementation checklist that will outline which services you’re going to permit and which you’re going to deny.

You can also identify which services you’re going to monitor, which will help you to clarify the focus of your network traffic. When this is done, you can develop a risk assessment of your policy with which your management should be happy. Finally, you need to establish the amount of control, monitoring, and maintenance that you’re looking for, and with that down, you’re ready to start browsing the marketplace for appropriate software.

Unfortunately, it’s not as simple as browsing through a couple of boxes with pretty logos and then selecting the one with the gold-embossed brand name.

The Firewalls

Today, you’re looking at two types of firewall. The first is the Network Layer Firewall, which deals mostly with routing rules. In other words, when a packet of data arrives at the firewall, the firewall checks where the packet came from, where it is going, and what it is used for, and then decides whether or not it is authorized.

The second is the Application Layer Firewall, which consists of proxy servers that prevent direct traffic between networks. Proxies tend to perform elaborate logging and auditing of all the network traffic intended to pass between the LAN and the Internet, and then cache information so that the client accesses it internally rather than directly from the source. Outgoing data is received from the proxy and not from the actual machine inside the network that is providing the information. Basically, an Application Layer Firewall acts as an ambassador for your LAN to the Internet.

Although the two firewalls are conceptually different, in an effort to provide a thorough product, many modern firewall packages do attempt to integrate the two. Obviously, there are pros and cons associated with each type of firewall.

A simple firewall exists in the form of a router on the network layer. However, actual routers don’t tend to make particularly sophisticated decisions about the content or source of a data packet. Recently, firewalls of this nature have become far more complex, and now many attempt to monitor the actual content of data streams and the services they make use of, while also checking for IP or DNS (Domain Name Service) spoofing.
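The per-packet decision described above (source, destination, service, plus a spoofing check) and the audit summary of rejected attempts by origin can be sketched as follows. This is an added example, not part of the original article; the addresses, ports and rule list are constructed for illustration.

```python
import ipaddress
from collections import Counter

# All addresses and ports below are constructed for illustration.
LAN = ipaddress.ip_network("10.0.0.0/24")    # assumed internal address block
ANY = ipaddress.ip_network("0.0.0.0/0")
WEB = ipaddress.ip_network("10.0.0.80/32")   # assumed public web server
MAIL = ipaddress.ip_network("10.0.0.25/32")  # assumed mail server

# Ordered rule list: (action, source net, destination net, destination port).
RULES = [
    ("permit", ANY, WEB, 80),    # external access to the web server
    ("permit", ANY, MAIL, 25),   # inbound email
    ("permit", LAN, ANY, 80),    # outbound browsing from the LAN
]

def decide(iface, src, dst, port):
    """Return (action, reason) for one packet; iface is 'inside' or 'outside'."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Anti-spoofing: a LAN source address cannot legitimately arrive from outside.
    if iface == "outside" and src in LAN:
        return "deny", "spoofed source"
    for action, src_net, dst_net, dport in RULES:
        if src in src_net and dst in dst_net and port == dport:
            return action, "rule match"   # first matching rule wins
    return "deny", "default deny"         # nothing is allowed unless a rule permits it

def audit(packets):
    """Apply decide() to each packet and count denials per source address."""
    denied = Counter()
    for iface, src, dst, port in packets:
        if decide(iface, src, dst, port)[0] == "deny":
            denied[src] += 1
    return denied

# Constructed sample traffic: (interface, source, destination, destination port).
SAMPLE = [
    ("outside", "198.51.100.7", "10.0.0.80", 80),  # web request
    ("outside", "203.0.113.9", "10.0.0.12", 23),   # interactive login from outside
    ("outside", "203.0.113.9", "10.0.0.12", 22),   # interactive login from outside
    ("outside", "10.0.0.5", "10.0.0.80", 80),      # LAN address arriving from outside
    ("inside", "10.0.0.12", "192.0.2.44", 80),     # outbound browsing
]

if __name__ == "__main__":
    for source, count in audit(SAMPLE).most_common():
        print(f"{source}: {count} denied")
```

Because the list ends in a default deny, the interactive logins are rejected without needing a rule of their own; only services on the permit checklist get through.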

The most distinguishable feature of a Network Layer firewall is its ability to allow IP traffic to pass through it. Unfortunately, that means your network is probably going to need an assigned IP address block, which can be difficult to obtain. Fortunately, Network Layer Firewalls are almost completely transparent, and anyone using your LAN will not even be aware of their presence.

From here, you can look at connecting various subnets all behind the firewall. And the only configuration that is going to take place is at the actual firewall itself. Since they are performing routing tasks rather than actually reading or writing data, or running services, the system requirements are minimal and they tend to run very fast.

A proxy server or Application Layer Firewall will be the only Internet-connected machine on your LAN. For the rest of the machines connected to the proxy server, Internet connectivity is just simulated. There are several benefits to this: you can, for instance, limit internal access to the Internet, identifying which sites your LAN may and may not visit, and what services your LAN can actually use. The caching service provided by the proxy also means that you’re saving on bandwidth. Subsequently, browsing popular web sites becomes a lot quicker.

As mentioned, proxies provide more than adequate logs. And because no other machines on the network are effectively connected to the Internet, you don’t need valid IP addresses for every machine. So, Application Layer Firewalls are very effective for small office environments that have neither a leased line nor allocated IP address blocks. In fact, your proxy server can even perform dial-up connections on behalf of your LAN, and manage all your LAN’s email and any other Internet requests.

The downside is quite dramatic, though. Since no traffic is allowed directly onto the Internet, any machine on the network that requires Internet access needs to be configured for the proxy. A proxy server hardly ever functions at a level completely transparent to your users. Furthermore, a proxy has to provide all the services that a user on the LAN uses, which means that you’ve got a lot of server-type software running for each request. This results in slower performance than you would get out of a Network Layer Firewall. You’re also looking at lots of RAM to match the system requirements. Finally, because proxy servers do not provide the same kind of flexibility as a Network Layer Firewall, they tend to enforce a relatively conservative security policy on your network.

Systems Management

Unix-based operating systems have always been the favorite for firewall implementation, chiefly because their system requirements are relatively low (therefore freeing up resources for the firewall itself). Unix platforms also support routing facilities, and there have been significant developments in the production of high quality material on the network layer. And a lot of it is free.

However, Unix systems are not particularly user-friendly, and configuring a firewall is not an easy task to undertake. If you’re looking at this option you’re also going to be looking for an experienced Unix technician.

Remember that to be really effective, your firewall needs to form part of both a comprehensive and integrated security policy. After all, it’s no good having an iron door to a wooden house.
About the Author/Author Bio

Sandra Prior runs her own websites at http://usacomputers.rr.nu and http://sacomputers.rr.nu.

Article Source: http://www.articlesphere.com/Article/Protecting-your-LAN-is-no-longer-Optional/144574

Copyright © 2005 - by Larry Lim, Singapore - Article Search Engine Directory at ArticleSphere.com™
All Rights Reserved Worldwide. All Trademarks and Servicemarks are the property of the respective owners.