Here's a quick 12 tips that describes a firewall, and how to build one. 1.A firewall implements your security policy. A firewall enforces some security policy. If you didn't have a security policy before you put the firewall in place, you . . .
Here's a quick 12 tips that describes a firewall, and how to build one. 1.A firewall implements your security policy. A firewall enforces some security policy. If you didn't have a security policy before you put the firewall in place, you do now. It may be unwritten, but it's still a security policy. If you haven't made explicit decisions about what you want the security policy to be, it's probably not the best policy for your site, and it will certainly be difficult for you to maintain it over time. In order to have a good firewall, you need a good security policy--one that is written down and widely agreed to. 2.A firewall is not usually a single device. Except in the most simple of cases, a firewall is seldom a single device; it is usually a collection of devices acting in concert. Even if you buy a commercial "all-in-one" firewall appliance, you'll still have to configure other machines (your public web server, for example) to work along with it. And these other machines should really be regarded as part of the firewall. This has all sorts of implications for how you configure and manage these machines, what they trust, what trusts them, and so on. You cannot simply choose one box, call it "the firewall," and expect it to assume all responsibility for security.