“Hundreds of thousands of Internet servers are at risk of an attack that would redirect unknowing Web surfers from legitimate sites to malicious ones.” Check it out! This is an interesting article.
The term “firewall” comes from what was once
an innovation in the fire safety of buildings. It was a wall
running all the way up from the structural floor to the structural
ceiling to prevent potential fires from spreading from one area to
another.
Today, if you were to type “firewall” into a search engine you would
only see the term refer to the protection of information systems.
Sans.org defines a firewall as a system
or combination of systems that enforces a boundary between two or more
networks. Gateway that limits access between networks in accordance
with local security policy.
A firewall configuration might consist of an inexpensive Unix box kept
clean of critical data, with many modems and/or Network Interface cards
with public network ports on it, but just one carefully watched
connection back to a “trusted” private network.
The exponential growth of the Internet has an
equally growing rate of threats from thieves, cyber terrorists and
black hat hackers with malicious intent. The newly formed
frontier of cyberspace is a world of anarchy where people are
redefining the words debauchery and greed. Only the most
knowledgeable and prepared patrons of the Internet will log off
unscathed from the all malware, cons and Spam trash floating around the
Internet.
Network security is paramount to business and even
personal use of the Internet. Firewalls are “walls running all
the way up from the structural floor to the structural ceiling” of your
network separating your interests from the chaotic lake of fire that is
the Internet.
For many high end Firewalls supporting large scale
enterprises, Unix has become the center piece for security.
Source: Network Security Store – www.networksecuritystore.com
Monday, March 24, 2003
Here is a list of popular firewalls for Internet Security:
Blue Coat
Offers: With Blue Coat Director, you can rapidly deploy and configure
new devices. Using flexible configuration templates, administrators can
standardize devices easily-and still customize them based on region or
device-specific settings.
FireGuard 520 is an intelligent
load balancer for scaling multiple firewalls that increases
availability and efficiency of Internet Traffic for Enterprises and
Service Providers.
Nokia BIG-IP FireGuard
Typically when security is added to the network, the result can be poor
or sluggish performance. Nokia BIG-IP FireGuard ensures the network
firewalls are operating at maximum efficiency, can scale to meet these
increasing needs, and are intelligently balanced to handle traffic
across security appliances to ensure smooth, uninterrupted access to
information for users. The BIG-IP FireGuard 520 provides consistent
site availability by utilizing Extended Content Verification (ECV)
which tests firewall availability beyond a standard ping test and
routes traffic away from a downed firewall.
Check Point
Enterprise-class security for branch offices and MSPs that
includes web-based management and seamlessly integrates with Check
Point´s Enterprise Management Console, Provider-1 and SiteManager-1.
Cisco Systems
The Cisco PIX 515E “Restricted” (PIX 515E-R) model provides an
excellent value for organizations looking for robust Cisco PIX Firewall
services with minimal interface density and VPN throughput
requirements. It includes 32 MB of RAM and support for up to three
10/100 Fast Ethernet interfaces (nomenclature has been upgraded).
McAfee
Protect yourself while online with the advanced security of
McAfee Firewall. Easy-to-use, yet highly configurable, McAfee Firewall
secures your PCs connection to the Internet whether you connect via
DSL, cable modem or dial-up. With intrusion detection, color coded
security alerts, customizable audible alerts, detailed logging, and an
application scan for Internet enabled applications, McAfee Firewall
gives you the power you need to control the communications into and out
of your PC, ensuring that your online experience is as safe as it is
enjoyable $27.00
NetScreen
NetScreen 5XP is an Internet security appliance integrating firewall,
virtual private networking (VPN) and traffic shaping functionality. It
features wire-speed Ethernet performance for remote offices and
telecommuters. The NetScreen-XP enables enterprises and service
providers to deliver secure, cost-effective Internet connections to
remote offices and telecommuters.
Nokia
Supports Check Point VPN-1/FireWall-1 SmallOffice software
* Low total cost of ownership – setup and
configured from a remote central
location thorough a
unique restricted shell
* Flash based appliance – very reliable for
large deployments, no chance of
disk failure
* High performance VPN – will saturate T1 and
DSL lines for seamless LAN
like connectivity for
remote offices
· The IP71 runs a “Nokia Secured Operating System” (customized Linux)
· $800
Norton
NetScreen 5XP is an Internet security appliance integrating firewall,
virtual private networking (VPN) and traffic shaping functionality. It
features wire-speed Ethernet performance for remote offices and
telecommuters. The NetScreen-XP enables enterprises and service
providers to deliver secure, cost-effective Internet connections to
remote offices and telecommuters.
NetScreen firewall
The Netscreen range of firewall appliances combine firewall, virtual
private networking (VPN), and traffic management functions. Every
NetScreen firewall appliance provides hardware accelerated IPSec
encryption, even for 3DES encryption, and very low latency, allowing
them to seamlessly fit into any network. Installing and managing a
Netscreen firewall appliance is easily accomplished using a built-in
WebUI, command line interface, or the NetScreen Global Pro central
firewall management system.
Netscreen firewall security
The NetScreen firewall appliance product line provides a scalable
security solution, ranging from protecting broadband telecommuters to
large corporate offices and e-business sites. NetScreen is a
full-featured firewall using technology based on stateful inspection,
securing against intruders and denial-of-service attacks.
RSA Security
Security Features
RSA ACE/Server software utilizes industry-leading RSA encryption
expertise and technology designed to provide a hacker-proof solution.
Sidewinder
SecureOS™ with patented Type Enforcement™ technology
* Hybrid firewall combines application proxies and stateful packet filtering
* Advanced filtering mechanisms; Network Address Translation NAT
250 users 5000$
SonicWall
WatchGuard
www.sans.org