Overview
ABSTRACT
A firewall is the key security provision in a computer network for isolating and filtering ingoing and outgoing traffic. A firewall can use several filtering mechanisms such as stateless or stateful packet filtering, applicative proxies, circuit-level proxies, or packet inspection. This article also presents other classical functions embedded in a firewall, including Network Address Translation (NAT), Virtual Private Network (VPN), and intrusion detection and prevention systems (IDS/IPS). The article also places the firewall in a more global perspective of security policies and security architectures.
Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.
Read the articleAUTHOR
-
Maryline LAURENT: Professor Télécom-SudParis, Institut Mines-Télécom, Evry, France -
INTRODUCTION
It doesn't take much of an interest in digital news to realize the importance, in terms of their number and consequences, of cyberattacks targeting companies and states. Let's recall the case that affected Ashley Madison in August 2016, a dating site whose hacking led to the theft of personal data from 37 million of its members (e-mails, phones, names, addresses, profiles, etc.), or the Locky malware in February 2016, whose modus operandi is to encrypt data without the owner's knowledge, then deliver, for a ransom, the decryption key enabling the owner to recover his or her data. Most of the time, this stolen data is resold on the dark web, a network parallel to the Internet reputed to facilitate illegal activities.
Since 2013, the revelations of Edward Snowden, the former CIA agent and NSA consultant, have raised public awareness of the power of IT tools, the latter enabling the massive collection of confidential, even secret, information. In 2016, for the first time in history, cyberattacks had political consequences. Donald Trump's election was largely the result of hacking that enabled the compromising publication of messages from Democratic Party officials.
Other, less publicized cyberattacks affect a large number of organizations, companies, local authorities... The cyber attacker's objectives are manifold: selling industrial secrets to the highest bidder, damaging an organization's image and reputation, weakening a company's financial position...
A whole arsenal of technical solutions exists to counter these cyberattacks, but their implementation in a company is only possible with the help of human resources to raise awareness and train employees, and legal experts for their knowledge of the European laws and directives to be complied with. The Information System Security Manager (ISSM) is the person who orchestrates the company's information system protection strategy. As shown by a study carried out by Clusif in 2016, out of 334 French companies with over 200 employees in the banking/insurance, commerce, industry/civil engineering, services and transport/telecoms sectors, 15% (resp. 18%) in 2016 said they were devoting more than 6% (resp. 3 to 6%) of their IT budget to security within the company. The expenditure item that has increased the most, up 4 points since 2014, is "setting up organizational elements", which accounts for 16% of spending.
This article looks at ISS from a technical angle, and more specifically at the function of the firewall, which is a central element in the protection of an organization's information system. A firewall isolates and filters all flows exchanged between two networks, thus protecting a private network from the public network. The firewall is configured to comply with...
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference
KEYWORDS
filtering | firewall | security policy | security architecture
CAN BE ALSO FOUND IN:
This article is included in
Networks and Telecommunications
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Firewall
Bibliography
Bibliography
- (1) - ANSSI - Recommandations pour la définition d'une politique de filtrage réseau d'un pare-feu. - mars 2013 https://www.ssi.gouv.fr/uploads/IMG/pdf/NP_Politique_pare_feu_NoteTech.pdf ...
Software tools
Squid http://www.squid-cache.org
netfilter http://www.netfilter.org
SNORT http://www.snort.org
Websites
ANSSI, CSPN certified products https://www.ssi.gouv.fr/entreprise/produits-certifies/produits-certifies-cspn/
ANSSI, Common criteria certified products https://www.ssi.gouv.fr/entreprise/produits-certifies/cc/produits-certifies-cc/
...Standards and norms
- IETF, LEECH (M.), GANIS (M.), LEE (Y.), KURIS (R.), KOBLAS (D.), JONES (L.). – SOCKS Protocol Version 5. http://ietf.org/rfc/rfc1928.txt?number=1928 - rfc 1928 - 03-96
Regulations
Law no. 2009-1311 of October 28, 2009 on the criminal protection of literary and artistic property on the Internet, JORF no. 0251 of Oct. 29, 2009 https://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000021208046&categorieLien=id
Law no. 2015-912...
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference