History of Firewall

18739 Words | Oct 20, 2010 | 75 Pages
A History and Survey of Network Firewalls

KENNETH INGHAM, Kenneth Ingham Consulting
STEPHANIE FORREST, University of New Mexico

Firewalls are network devices which enforce an organization’s security policy. Since their development, various methods have been used to implement firewalls. These methods filter network traffic at one or more of the seven layers of the ISO network model, most commonly at the application, transport, network, and data-link levels. In addition, researchers have developed some newer methods, such as protocol normalization and distributed firewalls, which have not yet been widely adopted. Firewalls involve more than the technology to implement them. Specifying a set of filtering rules, known as a policy, is…
In a similar vein, so-called “chatty” protocols on one network (which used broadcasts for much of their configuration) would not affect the other network’s bandwidth [Avolio 1999; Schneier 2000].

From these historical examples we can see how the term “firewall” came to describe a device or collection of devices which separates its occupants from potentially dangerous external environments (e.g., the Internet). A firewall is designed to prevent or slow the spread of dangerous events.

For the purposes of this paper, we define a firewall as a machine or collection of machines between two networks, meeting the following criteria:

—The firewall is at the boundary between the two networks;
—All traffic between the two networks must pass through the firewall;
—The firewall has a mechanism to allow some traffic to pass while blocking other traffic. The rules describing what traffic is allowed enforce the firewall’s policy.

Additional desirable criteria include:

—Resistance to security compromise;
—Auditing and accounting capabilities;
—Resource monitoring;
—No user accounts or direct user access;
—Strong authentication for proxies (e.g., smart cards rather than simple passwords);
—Fail-safety. If it fails, the protected system(s) is(are) still secure because no traffic is allowed to