Module 9: Firewall Technologies - Coggle Diagram
Module 9: Firewall Technologies
9.1 Secure Networks with Firewalls
Firewalls
A firewall is a system, or group of systems, that enforces an access control policy between networks.
All firewalls share some common properties:
Firewalls are resistant to network attacks.
Firewalls are the only transit point between internal corporate networks and external networks because all traffic flows through the firewall.
Firewalls enforce the access control policy.
Firewall Benefits
There are several benefits of using a firewall in a network:
They prevent the exposure of sensitive hosts, resources, and applications to untrusted users.
They sanitize protocol flow, which prevents the exploitation of protocol flaws.
They block malicious data from servers and clients.
They reduce security management complexity by off-loading most of the network access control to a few firewalls in the network.
Firewall Limitations
Firewalls also have some limitations:
A misconfigured firewall can have serious consequences for the network, such as becoming a single point of failure.
The data from many applications cannot be passed over firewalls securely.
Users might proactively search for ways around the firewall to receive blocked material, which exposes the network to potential attack.
Network performance can slow down.
Unauthorized traffic can be tunneled or hidden as legitimate traffic through the firewall.
9.2 Firewalls in Network Design
Common Security Architectures
Layered Defense
A layered defense uses different types of firewalls that are combined in layers to add depth to the security of an organization. Policies can be enforced between the layers and inside the layers. These policy enforcement points determine whether traffic is forwarded or discarded.
A layered defense approach is not all that is needed to ensure a safe internal network. A network administrator must consider many factors when building a complete in-depth defense:
Firewalls typically do not stop intrusions that come from hosts within a network or zone.
Firewalls do not protect against rogue access point installations.
Firewalls do not replace the backup and disaster recovery mechanisms needed to recover from an attack or a hardware failure.
Firewalls are no substitute for informed administrators and users.
Considerations for Layered Network Defense
Layers:
Network Core security - Protects against malicious software and traffic anomalies, enforces network policies, and ensures survivability
Perimeter security - Secures boundaries between zones
Communications security - Provides information assurance
Endpoint security - Provides identity and device security policy compliance