Data Security in Local Network using Distributed Firewalls
Definition
Computers and networking have become inseparable. A number of confidential
transactions occur every second, and today computers are used mostly for
transmission rather than processing of data. Network security is therefore
needed to prevent hacking of data and to provide authenticated data transfer.
Network security can be achieved with a firewall. Conventional firewalls rely on
the notions of restricted topology and controlled entry points to function.
Restrictions on the network topology, difficulty in filtering certain protocols,
end-to-end encryption problems and a few other problems led to the evolution of
distributed firewalls.

A distributed firewall is a mechanism to enforce a network domain security
policy through the use of a policy language, a policy distribution scheme
enabling policy control from a central point, and certificates enabling the
identification of any member of the network policy domain.

Distributed firewalls secure the network by protecting critical network
endpoints, exactly where hackers want to penetrate. They filter traffic from
both the Internet and the internal network because the most destructive and
costly hacking attacks still originate from within the organization. They
provide virtually unlimited scalability. In addition, they overcome the
single-point-of-failure problem presented by the perimeter firewall.

Introduction
Distributed firewalls are host-resident security software applications that
protect the enterprise network's servers and end-user machines against unwanted
intrusion. They offer the advantage of filtering traffic from both the Internet
and the internal network. This enables them to prevent hacking attacks that
originate from both the Internet and the internal network. This is important
because the most costly and destructive attacks still originate from within the
organization.

Evolution of Distributed Firewall from the Conventional Firewall

A firewall is a collection of components, interposed between two networks, that
filters traffic between them according to some security policy.

[Figure: Basic structure of a firewall]

Some problems with conventional firewalls that led to distributed firewalls are
as follows:
- Depend on the topology of the network.
- Do not protect networks from internal attacks.
- Unable to handle protocols like FTP and RealAudio.
- Have a single entry point, and its failure leads to problems.
- Unable to stop "spoofed" transmissions (i.e., using false source addresses).
- Unable to log all of the network's activity and unable to dynamically open and
  close their networking ports.
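
The definition above names three parts: a policy language, policy distribution from a central point, and certificates that identify members. The sketch below shows how they fit together on one host; it is an added illustration, not code from the original page. The rule format, identity names, demo key and the HMAC tag (standing in for certificate-based signatures) are all assumptions.

```python
import hashlib
import hmac
import json

# Constructed demo key standing in for the policy authority's signing key.
# HMAC is a stand-in here; the design described above uses certificates.
AUTHORITY_KEY = b"constructed-demo-key"

# Constructed policy: rules name authenticated identities, not IP ranges.
POLICY = [
    {"port": 5432, "identities": ["app-server-01"], "action": "allow"},
    {"port": 22, "identities": ["admin-alice"], "action": "allow"},
]

def sign_policy(rules, key=AUTHORITY_KEY):
    """Central point: serialize the rules and attach an integrity tag."""
    body = json.dumps(rules, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

class HostEnforcer:
    """Runs on every endpoint and enforces only authority-signed policy."""

    def __init__(self, key=AUTHORITY_KEY):
        self._key = key
        self._rules = []  # nothing loaded yet, so everything is denied

    def load(self, signed):
        expected = hmac.new(self._key, signed["body"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, signed["tag"]):
            return False  # tampered or unsigned policy: keep current rules
        self._rules = json.loads(signed["body"])
        return True

    def decide(self, peer_identity, port, src_ip=None):
        """peer_identity: name from the peer's verified certificate, or None.
        src_ip is accepted but never consulted: addresses can be spoofed."""
        for rule in self._rules:
            if rule["port"] == port and peer_identity in rule["identities"]:
                return rule["action"]
        return "deny"

if __name__ == "__main__":
    host = HostEnforcer()
    print(host.load(sign_policy(POLICY)))
    print(host.decide("app-server-01", 5432, src_ip="203.0.113.7"))
    print(host.decide(None, 5432, src_ip="10.0.0.5"))
```

Because the decision depends on the authenticated identity rather than the source address, an unauthenticated peer on the internal network is denied while an authenticated member connecting from outside is allowed.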