Execution of business processes in the 21st century has been faced with a lot of challenges like insecurity and conviviality. Due to this a lot of organizations have employed information technology mechanisms to protect their information infrastructure from being accessed by unauthorized persons and also to check authentication (Neumann, 5). In this scenario, authorization can be defined as a mechanism by which a system verifies if a person has permission to access an item while authorization is a mechanism that checks if a person who wants to access some information is who he claims to be. Firewall, which is the implementation of both hardware and software at the private network level to prevent the private network from being attacked from external network At the hardware level a proxy is used together with software that restricts the flow of information to and from the private network (Neumann, 5). A mechanism known as a demilitarized zone is implemented so that in case of insecurity the attacker will first of all have to pass through this zone and that attacker hardly passes the zone
In the world today, no one would do ever consider to be advantaged to have internet but rather it should be essential. Nevertheless linking a personal network to the internet can bring dangerous or private information to exposure from any source and everybody who uses the internet should be aware of this and one must be informed on the measures of protection required (Neumann, 5). Firewalls can guard both personal and company networks from unfriendly intrusion. They safeguard networked machines from intentional unfriendly interrupters who can compromise privacy or make data to corrupt or even refute service. This service is composed of two systems i.e. the exposed system and the one which is to be defended. Normally it can either be a hardware device or a software program operating on a protected host computer and in this case we are dealing with a hardware device. A firewall is assembled at the intersection point or in the entrance of two networks usually a personal and a communal network like the internet. Those who are accountable to the classified network which is connected to the community network are the ones who require firewall protection. Quite a several people who use the internet tend to think that ambiguity will protect them. Intruders can use programmed machines to scrutinize IP addresses and get access to information any time an opportunity arises.
A firewall can permit all traffic to pass except when it meets definite criteria, or it can reject all traffic unless it comes across definite criteria. To determine whether to permit traffic to pass through or not is different from one firewall to the other (Donovan, 87). A firewall will establish the amount of traffic to pass depending on the type of network layer it is operating as it examines the traffic routed among the two networks to access if it meets a particular criterion and if yes it is then routed among the networks or else it is terminated. It filters both the incoming and outgoing traffic and also administers public contact to personal networked resources for example the host applications (Donovan, 87). It can also be used to register any efforts to penetrate the private network and generate alarms when unfriendly and unauthorized penetration is attempted. It also sorts out packages supported by their source and the targeted addresses and port numbers a process named address filtering. Protocol filtering is a process where firewalls clean explicit modes of net interchange or traffic. However whether to pass or reject traffic depends on the protocol used (Donovan, 87). A firewall cannot stop people who use modems from accessing the network by avoiding the firewall altogether. It may not also control negligence and bad behavior (Gasser, 45). Strategies concerning the use and abuse of passwords and user accounts should be strictly implemented by the management since the firewall may not be able to solve this. It is important to note that there are mainly four different types of firewalls i.e. packet filters, stateful-multilayer inspection, and circuit-level and application-level gateways (Stewart, 23). The packet filtering is more beneficial because it is not costly and its network contacts are low (Gasser, 45).
All you require to implement a firewall is to establish an inbound contact policy. Having internet interchange coming from the LAN makes internet connection less complicated. Uncomplicated NAT (Network Address Translation) router blocks inbound traffic which is not in reply to demands coming from within the LAN (Gasser, 45). LAN is very important because it makes the internet connection more secure when one is using protected access. It is advisable to start with an entrance that directs no traffic and is no doubt successfully a brick wall and no entrance in it (Gasser, 45). Choose whether to purchase a complete firewall product, have one executed by an organization integrator or employ one yourself.
Accessibility of a firewall is advanced by the redundant components and duplicate devices. Elements like the power supply may fail you time and again and duplicating them will improve the pliability of the device (Gasser, 45). On the other hand, the replacement of a firewall device offers a flexible system at a favorable cost, since it also needs a supply of network cabling and replacement connectivity in the routers and switches where the firewall connects. Firewall resolution can size up as the throughput increases, moreover by adding more apparatus to the firewall or by putting another corresponding firewall.
There is a wide range of benefits of having a firewall installed, just to name a few: Protecting internal servers from network assault implementing network procedure and contact access (Ross, 12). Scrutinizing traffic and producing alerts when intruders are detected. There is nothing as comfortable as knowing that your information or rather the data that you are handling is in safe hands. Now and then we have hand cases all over the world where quite a several employees have lost their jobs due to information being compromised and in most cases, the employee in question cannot explain how it happened no matter how he defends himself. Hardware firewalls are tailor-made for faster reaction and also to handle quite a several traffic loads (Ross, 12). It has also been noted that a device that has an operating system cannot be infected by intruders and this minimizes the security risk. It is very hard to interfere with it since it is isolated from other network elements and so can be managed better hence not slowing any related application. It can be closed down, shifted, or even reconfigured without interfering with the network (Ross, 12). The only drawback of this device is that it occupies physical space and also involves wiring, and since the benefits outweigh the drawbacks, I don’t see any reason why anyone or any company would not go for it.
Works cited
Donovan, James. Management Information Systems for the information age: New York, 2003.
Gasser, Morrie. Building a secure computer system: Oxford University: Oxford, 2008.
Neumann, Peter. Principled Assuredly Trustworthy Composable Architectures: London, 2004.
Ross, Anderson. Security Engineering: A Guide to Building Dependable Distributed Systems. New York Times: New York, 2004.
Stewart, Lee. Essays about Computer Security: Cambridge University, Cambridge, 2009.