Firewall in Computer Networks
CHAPTER-1
INTRODUCTION
1.1 Firewall in computer networks
Firewall: A set of related programs, located at a network gateway server, which protects the resources of a private network from users from other networks using security policies.
The Internet has made large amounts of information available to the average computer user at home, in business and in education. For many people, having access to this information is no longer just an advantage, it is essential. Yet connecting a private network to the Internet can expose critical or confidential data to malicious attack from anywhere in the world. Users who connect their computers to the Internet must be aware of these dangers, their implications and how to protect their data and their critical systems. Firewalls can protect both individual computers and corporate networks from hostile intrusion from the Internet, but must be understood to be used correctly.
But even with firewalls there is a concern of policy anomalies. Firewall policy management is a challenging task due to the complexity and interdependency of policy rules. This is further exacerbated by the continuous evolution of network and system environments. The process of configuring a firewall is tedious and error prone. Therefore, effective mechanisms and tools for policy management are crucial to the success of firewalls. The quickly advancing changes to the protocols and the network changes demand stronger and more efficient firewall policies. Some new technologies in the field of firewall are suggested.
CHAPTER-2
LITERATURE SURVEY
Firewalls have existed since about 1987, and several surveys and histories have already been written. However, none of them provide both the depth and breadth of this survey, nor do they focus on the peer-reviewed literature describing firewall technology. In 1994, Alec Muffett wrote a paper which provided an excellent review of the firewall policies and architectures of the time. This paper
INTRODUCTION
1.1 Firewall in computer networks
Firewall: A set of related programs, located at a network gateway server, which protects the resources of a private network from users from other networks using security policies.
The Internet has made large amounts of information available to the average computer user at home, in business and in education. For many people, having access to this information is no longer just an advantage, it is essential. Yet connecting a private network to the Internet can expose critical or confidential data to malicious attack from anywhere in the world. Users who connect their computers to the Internet must be aware of these dangers, their implications and how to protect their data and their critical systems. Firewalls can protect both individual computers and corporate networks from hostile intrusion from the Internet, but must be understood to be used correctly.
But even with firewalls there is a concern of policy anomalies. Firewall policy management is a challenging task due to the complexity and interdependency of policy rules. This is further exacerbated by the continuous evolution of network and system environments. The process of configuring a firewall is tedious and error prone. Therefore, effective mechanisms and tools for policy management are crucial to the success of firewalls. The quickly advancing changes to the protocols and the network changes demand stronger and more efficient firewall policies. Some new technologies in the field of firewall are suggested.
CHAPTER-2
LITERATURE SURVEY
Firewalls have existed since about 1987, and several surveys and histories have already been written. However, none of them provide both the depth and breadth of this survey, nor do they focus on the peer-reviewed literature describing firewall technology. In 1994, Alec Muffett wrote a paper which provided an excellent review of the firewall policies and architectures of the time. This paper
References: 1) Hu, H., Ahn, G.H, Ketan Kulkarni, K. “Detecting and Resolving Firewall Policy Anomalies” IEEE Transactions On Dependable And Secure Computing, Vol. 9, No. 3, May/June 2012. 2) Vensmer, A., Sebastian Kiesel, S. “DynFire: Dynamic Firewalling in Heterogeneous Environments” World Congress On Internet Security (WorldCIS-2012) 3) http://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htm 4) http://www.interhack.net/pubs/network-security/