What is Internet Security and
Firewalls
Internet
Security and Firewalls deals with issues of protecting one's
internal network from the Internet. Although most companies
are concerned about exposure to the Internet, many times
internal users and employees can pose a greater security
threat. Individuals working within the company can compromise
a company's financial or technical standing by having
unrestricted access to vital company information such as
proprietary data and payroll information.
Internet
security deals with identifying a security policy for a
company's network. A policy would consist of which users on
the Internet or internal network should have or not have
access.
As
the Internet becomes more popular and users become more
widespread, companies will find that many employees will want
to work from remote sites. However, if a security policy is
not in place at a company's site, not only will the employee
have access to internal information from the Internet, but, so
will anyone else who is connected to the Internet. Currently,
anyone having a personal computer with a modem will have
access to the Internet and ultimately to all machines on the
Internet.
For
these reasons, it is imperative that all companies planning to
connect to the Internet implement a security policy and
install a Firewall within their network. The Firewall should
be implemented as a gateway to and from the Internet and the
company network.
The
figure below shows an example where an Internet hacker can tap
into vital company information via the Internet.
A
Hacker obtaining vital company information via the Internet.
Internet Security Threats
Whenever
a company or an individual is connected to the Internet, the
individual is exposed to threats. Below are some of the
threats that connecting to the Internet without proper
security can be:
| Computer
hackers that are just curious to see if they can penetrate
your networks.
|
| Vandals
that know all the exploits of certain operating systems
for the purpose of causing system downtime, network
outages, and telephone line uses.
|
| Industrial
spies that will compromise company trade secrets causing
loss of competitive information and reputation.
|
| Accidental
data disclosures
|
The
above items are by no means complete. Real life experiences by
companies that have experienced a vandal hacker could expand
on this list considerably.
Security Policies and
procedures
Understanding
the security risks involved in connecting to the Internet is
the first step in developing a security policy and securing a
company's network. Once a security policy has been identified,
an implementation of a Firewall would be the next logical
choice.
The
company's security policy should dictate the following:
| Identifying
a perimeter security policy
|
| Identifying
security in depth |
When
identifying a perimeter security rule set, all access paths
leading into the network should be screened by the Firewall.
The Firewall should have a combination of Internet Packet (IP)
filtering and Proxy services to provide two layers of
protection. The IP packet filtering rules are used to allow or
disallow traffic that originates or is destined to a specific
IP address. IP packet filtering is the first level of security
for screening IP packets entering a company's network.
The
next level of Firewall security is proxy services. Proxy
services or servers are modified versions of the services that
allow connections between computers. Examples of services are
the telnet, ftp, http, gopher and sendmail
services. By modifying the aforementioned services to be
security aware (Proxies), further screening of communication
between computers is introduced.
When
identifying security in depth, care must be taken to protect
access to computers and enforcing strict security policies on
each system on the network. Other forms of in depth security
policies is to use strong Identification and Authentication
features such as Kerberos and PKI solutions.
Conclusion
To
conclude, Stealth Internet Services, Inc. can provide a
complete network solution, implement a security policy for
your company and install a commercial Firewall product.
Any
company planning to provide their employees with access to the
Internet should first consider implementing a security policy
and installing a Firewall. By not following these procedures,
a company may be exposed to hostile attacks from the Internet
that in the long run will prove to be extremely time
consuming, frustrating and costly.
For
further information and a list of references, please contact
Stealth Internet Services, Inc. at:
secinfo@stealthnet.com
|