Firewalls. The pocketknife for enforcing computer security

It doesn't take much of an interest in digital news to realize the importance, in terms of their number and consequences, of cyberattacks targeting companies and states. Let's recall the case that affected Ashley Madison in August 2016, a dating site whose hacking led to the theft of personal data from 37 million of its members (e-mails, phones, names, addresses, profiles, etc.), or the Locky malware in February 2016, whose modus operandi is to encrypt data without the owner's knowledge, then deliver, for a ransom, the decryption key enabling the owner to recover his or her data. Most of the time, this stolen data is resold on the dark web, a network parallel to the Internet reputed to facilitate illegal activities.

Since 2013, the revelations of Edward Snowden, the former CIA agent and NSA consultant, have raised public awareness of the power of IT tools, the latter enabling the massive collection of confidential, even secret, information. In 2016, for the first time in history, cyberattacks had political consequences. Donald Trump's election was largely the result of hacking that enabled the compromising publication of messages from Democratic Party officials.

Other, less publicized cyberattacks affect a large number of organizations, companies, local authorities... The cyber attacker's objectives are manifold: selling industrial secrets to the highest bidder, damaging an organization's image and reputation, weakening a company's financial position...

A whole arsenal of technical solutions exists to counter these cyberattacks, but their implementation in a company is only possible with the help of human resources to raise awareness and train employees, and legal experts for their knowledge of the European laws and directives to be complied with. The Information System Security Manager (ISSM) is the person who orchestrates the company's information system protection strategy. As shown by a study carried out by Clusif in 2016, out of 334 French companies with over 200 employees in the banking/insurance, commerce, industry/civil engineering, services and transport/telecoms sectors, 15% (resp. 18%) in 2016 said they were devoting more than 6% (resp. 3 to 6%) of their IT budget to security within the company. The expenditure item that has increased the most, up 4 points since 2014, is "setting up organizational elements", which accounts for 16% of spending.

This article looks at ISS from a technical angle, and more specifically at the function of the firewall, which is a central element in the protection of an organization's information system. A firewall isolates and filters all flows exchanged between two networks, thus protecting a private network from the public network. The firewall is configured to comply with...