Kenneth Ingham, Kenneth Ingham Consulting, and Stephanie Forrest, University of New Mexico
Firewalls are network devices that enforce an organization's security policy. Since their development, various methods have been used to implement firewalls. These methods filter network traffic at one or more of the seven layers of the ISO OSI reference model, most commonly at the application, transport, network, and data-link layers. In addition, researchers have developed some newer methods, such as protocol normalization and distributed firewalls, which have not yet been widely adopted. Firewalls involve more than the technology used to implement them. Specifying a set of filtering rules, known as a policy, is typically complicated and error-prone. High-level languages have been developed to simplify the task of correctly defining a firewall's policy. Once a policy has been specified, the firewall needs to be tested to determine whether it actually implements the policy correctly. Little work exists in the area of firewall theory; this article summarizes what does exist. Because some traffic must be allowed through a firewall for the protected network to be useful, firewalls cannot stop all attacks. Some emerging technologies, such as Virtual Private Networks (VPNs) and peer-to-peer networking, pose new challenges for firewalls.

Categories and Subject Descriptors: C.2.0 [COMPUTER-COMMUNICATION NETWORKS]: General

General Terms: Security

Additional Key Words and Phrases: Firewalls, Network Security
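The abstract makes two claims that are easy to see in code: a packet-filter policy is error-prone, and a firewall must be tested against the policy it is meant to implement. The following is an added illustration written for this page, not code from the paper or from any firewall product. It models a first-match packet filter, detects shadowed rules (a rule that can never fire because an earlier rule already covers every packet it would match, the classic ordering mistake), and checks the rule set against a set of expected decisions. The rule syntax, the field names, the sample rule set and the sample packets are all assumed for the example.

```python
"""First-match packet filter with a rule-shadowing check and a policy
conformance test. Added illustration; rule syntax, addresses and the
sample rules/packets below are constructed for the example."""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    action: str            # "accept" or "drop"
    proto: str             # "tcp", "udp", "icmp" or "any"
    src: IPv4Network
    dst: IPv4Network
    dport: tuple           # inclusive (low, high) destination port range


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: int


def parse_rule(line):
    """Parse an assumed rule syntax, e.g.
    'accept tcp 10.0.0.0/8 -> 192.0.2.10/32 port 22' or '... port any'."""
    action, proto, src, arrow, dst, kw, ports = line.split()
    if arrow != "->" or kw != "port":
        raise ValueError(f"bad rule: {line}")
    if ports == "any":
        rng = (0, 65535)
    elif "-" in ports:
        lo, hi = ports.split("-")
        rng = (int(lo), int(hi))
    else:
        rng = (int(ports), int(ports))
    return Rule(action, proto, ip_network(src), ip_network(dst), rng)


def matches(rule, pkt):
    return ((rule.proto == "any" or rule.proto == pkt.proto)
            and ip_address(pkt.src) in rule.src
            and ip_address(pkt.dst) in rule.dst
            and rule.dport[0] <= pkt.dport <= rule.dport[1])


def decide(rules, pkt, default="drop"):
    """First-match semantics: the first rule covering the packet wins;
    a packet matching no rule gets the default action."""
    for r in rules:
        if matches(r, pkt):
            return r.action
    return default


def covers(outer, inner):
    """True if every packet matched by `inner` is also matched by `outer`."""
    return ((outer.proto == "any" or outer.proto == inner.proto)
            and inner.src.subnet_of(outer.src)
            and inner.dst.subnet_of(outer.dst)
            and outer.dport[0] <= inner.dport[0]
            and inner.dport[1] <= outer.dport[1])


def shadowed_rules(rules):
    """Indices of rules that can never fire because an earlier rule covers
    them. A shadowed rule with a different action is a policy error."""
    return [i for i, r in enumerate(rules)
            if any(covers(prev, r) for prev in rules[:i])]


def check_policy(rules, expectations):
    """Return (packet, wanted, got) for every expectation the rule set violates."""
    return [(pkt, want, decide(rules, pkt)) for pkt, want in expectations
            if decide(rules, pkt) != want]


# Constructed rule set. Intent: SSH to the bastion only from the admin net,
# HTTP to the web server from anywhere, everything else to the DMZ dropped.
# The broad drop is placed too early and shadows the HTTP accept.
RULES = [parse_rule(l) for l in [
    "accept tcp 10.0.0.0/8 -> 192.0.2.10/32 port 22",
    "drop any 0.0.0.0/0 -> 192.0.2.0/24 port any",
    "accept tcp 0.0.0.0/0 -> 192.0.2.20/32 port 80",
]]

# Same rules with the drop moved last, which is what the intent required.
FIXED = [RULES[0], RULES[2], RULES[1]]

# Constructed expectations expressing the intended policy as test packets.
EXPECTED = [
    (Packet("tcp", "10.1.2.3", "192.0.2.10", 22), "accept"),
    (Packet("tcp", "198.51.100.7", "192.0.2.20", 80), "accept"),
    (Packet("tcp", "198.51.100.7", "192.0.2.10", 22), "drop"),
]

if __name__ == "__main__":
    for name, rs in (("RULES", RULES), ("FIXED", FIXED)):
        print(name, "shadowed:", shadowed_rules(rs),
              "mismatches:", check_policy(rs, EXPECTED))
```

The shadowing check is static: it reads only the rule set, so it catches the ordering error before any traffic is sent. The conformance check is dynamic and only as good as the test packets, which is why both are worth running; the test packets should be derived from the policy's intent, not from the rules, or they will simply confirm whatever the rules do.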
The University of New Mexico Computer Science Department Technical Report 2002-37. Authors' addresses: K. Ingham, Kenneth Ingham Consulting, 1601 Rita Dr NE, Albuquerque, NM 87106-1127, ingham@i-pi.com. S. Forrest, Department of Computer Science, University of New Mexico, Albuquerque, NM 87131, forrest@cs.unm.edu. Permission to make digital/hard copy of all or part of this material without fee for personal or classroom use provided
A History and Survey of Network Firewalls