Firewall_Rule_Base_Best_Practices.doc

The part of information security that concerns itself

Info icon This preview shows pages 2–3. Sign up to view the full content.

View Full Document Right Arrow Icon
The part of Information Security that concerns itself with computers and networks is often called “computer security” or “network security.” I wonder why? I will just use the term “security” throughout this paper, as I find it a bit simpler. But you will know what I really mean. There are many very interesting aspects to security, but two most critical ones are that it is most effective when layered and that it is never “finished”. Many people use an onion as an analogy, but I prefer to talk about automobile alarms. As anyone who lives near a big city can tell you, if someone wants your car badly enough, they will be able to steal it. The same goes for security—there are no absolutes. If someone wants to break your security badly enough, they will. There is no such thing as a totally secure system. Or rather, there is such a thing as a totally secure system, but since it is encased in 5 feet of concrete and buried under 7 miles of ocean water, it is not very useful. That is the tradeoff—security verses ease of use. Going back to the car analogy, you can put an alarm on the car, use “The Club™,” install a kill switch, get your window glass etched, etc. Each additional layer makes it harder for a thief to steal the car, with increases the chance he will look for an easier target, which reduces the chance your car will be stolen. So it is with Information Security. This brings us to firewalls. They are one of the layers in your security posture. They are typically used at the network border, between your network and someone else’s. They may be used inside the company, perhaps to add another layer to the security of the payroll department. They may (should!) even be used at home, to protect your personal computer while attached to the Internet. But firewalls are not “security” and they are not even necessarily secure. Unless a firewall is installed and configured properly into a network that has been designed to correctly support the way a firewall must function, it is even worse than having no firewall at all. How can it be worse? Because you think you are secure when if fact you are not! Once you have installed your firewall, you are not secure, nor are you anywhere near to being finished. To quote Bruce Schneier, “Security is not a product, it’s a process.” This cannot be emphasized enough. Nothing in security is “set it and forget it!” Security cannot be achieved with point products—it is an ongoing process that never ends, and one that encompasses far more than software or hardware products. A firewall is a very important part of security, but it is a small part. The people process is at least as important as the firewall. But, since we are here to talk about firewalls, without further ado, let’s get to the topic at hand.
Image of page 2

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern