Now, after defining a policy, we can go and purchase or design our firewall. Usually big organisations build their own firewall: although it takes time and costs more money, the designers understand better the specifics of the design and the use of the application.
The type of firewall we have to choose will depend on its location in the network. If it is intended to filter traffic coming from outside by checking, for example, the source and destination IP address, MAC address and port number, this type is called a network firewall. If instead it handles user authentication and filters traffic between networks, as proxy servers do, it is called an application layer firewall.
The following terms are used to describe basic firewalls:
Gateway: a gateway acts as a connector between networks, by transmitting information and defining what should and should not be able to pass between the internal network and the Internet.
Network Address Translation (NAT): NAT hides the internal addresses from the external network (Internet), by translating all internal addresses to public IP addresses when leaving the internal network.
Proxy servers: a proxy server replaces the network's IP address and effectively hides the actual IP address from the rest of the Internet. Examples of proxy servers include Web proxies, circuit level gateways, and application level gateways.
Packet filtering firewall: this is a simple firewall solution that is usually implemented on routers that filter packets. The IP headers of network packets are inspected as they pass through the firewall and, depending on the rules, each packet is either accepted or denied. Because most routers can filter packets, this is an easy way to quickly configure firewall rules to accept or deny packets. However, since only headers are examined, it is difficult for a packet filtering firewall to differentiate between a benign packet and a malicious one, such as a packet carrying a virus.
Screening routers: This is a packet filtering router that contains two network interface cards. The router connects two networks and performs packet filtering to control traffic between the networks. This type of router is also known as an outside router or border router.
Application level gateway: This type of gateway allows the network administrator to configure a more complex policy than a packet filtering router. It uses a specialized program for each type of application or service that needs to pass through the firewall.
Bastion host: a bastion host is a secured computer through which an untrusted network (such as the Internet) is given access to a trusted network (the internal network). It is typically placed between the two networks and is often referred to as an application level gateway.
Demilitarized zone (DMZ): a DMZ sits between the internal network and the outside world (Internet), and it is the best place to put the public servers. Examples of systems to place in a DMZ include Web, FTP and mail servers.
Now, after choosing or designing a firewall, it is time to test our product and see whether it does the job it was intended to do: blocking or stopping some of the traffic and allowing the rest, scanning packets, and giving permission to other users to log in. If it does all this, or perhaps more, the job is done; if not, we have to review our design or the policy. Since this firewall is going to work on a live network, the best way is to put it on a live network for testing, but not the one carrying the system it is supposed to protect. However, most designers would advertise their application or ask other organisations to test it for them; usually such tests are carried out by hackers who are experts in this field, by performing attacks on the system such as denial of service, cracking, spoofing, etc.
After passing the tests our application is ready to protect our network from intruders, but we have to bear in mind that this solution is not a hundred percent safe, as it has some vulnerabilities, some of which are:
Flexibility suffers, as all designated packets or protocols from a filtered site are rejected; a fully filtered site cannot be accessed at all by users within the "trusted" network.
Complex to maintain, as the network administrator has to enter all addresses and protocols to be filtered manually.
Proxies require large amounts of computing resources in the host system, which can lead to performance bottlenecks or slowdowns on the network. They must also be written for specific application programs, and not all applications have proxies available.
Stateful inspection and hybrid (combined firewall technologies) functionality currently requires the purchase of additional hardware and/or software and is not typically "bundled" with an existing network device.
Other vulnerabilities: firewalls cannot detect viruses, worms and Trojan horses, or attacks from inside (traitors). These matters are to be solved by other tools or by the user policy.
At the end of this report I would like to list some of the firewalls available to purchase or to download for free:
Tiny Personal Firewall: a freeware program, very suitable for any PC running any Windows version.
Cisco PIX 535 Firewall: provides over 1 Gbps of firewall throughput with the ability to handle up to 500,000 concurrent connections; this firewall is suitable for large enterprises.
BlackICE Defender: a protocol analysis based intrusion detection firewall for home and corporate users.
Kerio: blocks all externally originated IP traffic, making the computer invisible to outsiders.
All types of firewalls described earlier are in use today, which suggests that there is no one "best" firewall. Different firewalls are built for different systems, so to design the best firewall for an organisation it is important to match its requirements to a particular firewall architecture. In addition, the best firewall depends on several factors, including the level of expertise of the firewall administrators, the types of services the company plans to support, the company's budget, and the organisational needs. In the end we have to admit that the Internet has helped us a lot to exchange information, and every technology has its pros and cons; the main problem with using the Internet is those who misuse it, either to prevent others from using it or to look into their accounts and secrets, etc. To date there has been minimal political or legal action taken to establish policies or review the law regarding those crimes. As long as this continues to be the situation we are in today, there will continue to be a need for firewalls.