ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Communications

Network management Toolkit

Multilayer firewall strategy

Mitch Bryant Tech Republic

Published: 14 Feb 2003 21:07 GMT

While firewalls can secure Internet access, protect mission-critical information, and leverage the Internet to connect a global enterprise, they're just the starting point for building a security fortress. Some organisations may believe they're secure with current firewalls in place, but it won't be long before they realise they need more tools for securing their next connectivity initiative, such as a VPN.

Whether you want to improve, replace, or initially install a firewall, it's a good time to refresh your knowledge of firewalls and understand the vital steps, such as developing a security policy, that you must take before making any more security moves.

False firewall beliefs
A common misconception is that one firewall can protect every asset. While that might have been true a few years ago, it's not enough protection, given the advancements in hacking and increasing external threats.

According to the CERT Coordination Center at the Software Engineering Institute (CERT/CC), the number of reported network security incidents has almost tripled in the past two years -- from 21,756 in 2000 to 73,359 at the end of Q3 2002.

A second misconception is that a firewall device is a "connect, turn on, and forget about it" device. It's actually a technology that requires constant review, fine-tuning, and evaluation.

In addition, many organisations plug firewalls into place without a security policy. Firewall deployment should be tied directly to security policies that address and support your company's objectives. Enterprises must consider a multilayered security approach, with a security policy, firewalls, and additional security tools (such as virus software).

What a firewall can and can't do
A firewall can be hardware- or software-based. The tightest security is obtained when the two options are used in combination. Yet, even in this approach, a firewall system has its limits:

It can't protect the enterprise from attacks and threats from within your network.
Virus protection is limited without additional software and specialised technologies.
A firewall can't protect an organisation from attacks that avoid a firewall -- an external hack via a dial-up account can fully compromise the entire security plan.

Firewall technology, obviously, also can't protect organisations from employee carelessness or mistakes with passwords and unauthorised access. Only specific tools and policy guidelines on expected computer use and access can thwart those issues.