Week 45: Firewall Security Tips

    Date 28 Oct 2004
    Category Firewalls
    6542
    Posted By Anthony Pell
    A DMZ (Demilitarized Zone) is a combination of firewalls -- a perimeter network segment logically between internal and external networks. Also called a "screened subnet," its purpose is to enforce the internal network's IA policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding internal networks from outside attacks. . . .
    n the limited space available here, I cannot possibly address how to secure a firewall. Instead, I'll note the considerations that go into doing so and point you to some useful resources. CNSS Instruction No. 4009, revised May 2003, National Information Assurance (IA) Glossary defines a firewall as a "system designed to defend against unauthorized access to or from a private network." I prefer CERT's definition: "A combination of hardware and software used to implement a security policy governing the network traffic between two or more networks, some of which may be under your administrative control (e.g., your organization's networks) and some of which may be out of your control (e.g., the Internet)."

    A DMZ (Demilitarized Zone) is a combination of firewalls -- a perimeter network segment logically between internal and external networks. Also called a "screened subnet," its purpose is to enforce the internal network's IA policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding internal networks from outside attacks. In some circles the DMZ is considered a part of the firewall, while other circles consider the DMZ the land of the sacrificial hosts. One way to think of a DMZ is as a group of hosts that are guided by a unique security policy. This policy balances some of the strictest controls against public access and availability requirements.

    The link for this article located at TechTarget.com is no longer available.

    LinuxSecurity Poll

    Do you feel that the Lawful Access to Encrypted Data Act, which aims to force encryption backdoors, is a threat to US citizens' privacy?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/30-do-you-feel-that-the-lawful-access-to-encrypted-data-act-which-aims-to-force-encryption-backdoors-is-a-threat-to-privacy?task=poll.vote&format=json
    30
    radio
    [{"id":"106","title":"Yes - I am a privacy advocate and I am strongly opposed to this bill.","votes":"19","type":"x","order":"1","pct":95,"resources":[]},{"id":"107","title":"I'm undecided - it has its pros and cons.","votes":"1","type":"x","order":"2","pct":5,"resources":[]},{"id":"108","title":"No - I support this bill and feel that it will help protect against crime and threats to our national security. ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.