CCNA Security 210-260 Certification Guide

Delving into Security Toolkits

The term firewall was borrowed from automobile design, where it names the partition that separates the engine compartment from the rest of the vehicle. In the network world, it is used as a general term for how we isolate our internal network from outside attacks and threats. A firewall can be defined as any hardware or software that filters packets or controls the flow of traffic. Firewalls are generally implemented at the perimeter of the network, where they act as the border between trusted and untrusted zones.

Securing a company's network and data adds complexity for the network administrator. The cost of implementing and maintaining a high level of security for services such as e-commerce, intranet, extranet, and email is always high, but compared with the loss incurred through the lack of such security, it is considered the more important investment.

A company that opts for a Cisco firewall can obtain the same level of security from software as from a dedicated hardware appliance. Cisco IOS provides full-featured firewall services when it is implemented properly on any Cisco router. It allows a network to be broken down into several small domains or subnetworks, so that a possible security breach, if any, stays limited to one domain and is prevented from spreading across the entire network, which would result in a major loss.

There are two important parts of a firewall:

  • A part to permit the traffic
  • A part to block the traffic

Most firewalls permit traffic from a trusted zone to the untrusted zone without any special configuration. Traffic flowing from the untrusted zone to the trusted zone, however, must be configured and explicitly permitted, so anything not configured or permitted from untrusted to trusted is denied implicitly. A firewall is not limited to trusted and untrusted zones only; it also has a middle zone called the DMZ (demilitarized zone, or less-trusted zone).

Basically, a firewall is a set of programs that can be enabled in a network gateway server and secures the resources of a private network from other external network users. The firewall operates based on the set of rules and policies defined by the administrator.

Firewalls come in two varieties:

  • Hardware firewall: Examples are routers with built-in Access Control Lists (ACLs), the Adaptive Security Appliance (ASA), and the Personal Internet Exchange (PIX)
  • Software firewall: Operating systems with firewall software

All messages passing between the internet and the intranet, in either direction, go through the firewall. Thus, a firewall offers a preeminent security solution.

Firewalls are based on rules and policies. The rules configured on the firewall decide what type of connection should be allowed and how it should be allowed. The firewall also makes its decision based on the direction of the packet flow, for example inside to outside versus outside to inside.

Apart from controlling unauthorized access to the network, firewalls also allow remote connections to a secure network by using authentication mechanisms.

The rules that firewalls use are nothing but security guidelines that can be configured by a user or a network administrator to permit or deny traffic to file servers, web servers, FTP servers, and Telnet servers. Firewalls give administrators immense control over the traffic flowing in and out of their systems and networks.
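As an added illustration that is not from the book, the following Python model evaluates packets against the zone logic described above and in the rules paragraph: traffic from a more-trusted zone to a less-trusted zone passes by default and its session is tracked so replies can return, while traffic from the less-trusted side is denied unless a rule explicitly permits it. Zone names, trust levels, the server ports and all addresses are constructed assumptions for the example.

```python
from collections import namedtuple
from dataclasses import dataclass, field

# Constructed zone trust levels (higher is more trusted) and packet shape
TRUST = {"inside": 2, "dmz": 1, "outside": 0}
Packet = namedtuple("Packet", "src_zone dst_zone proto src_port dst_port src_ip dst_ip")


@dataclass
class Firewall:
    # Explicit permits: (src_zone, dst_zone) -> set of (proto, dst_port)
    rules: dict = field(default_factory=dict)
    # Flows already permitted forward: (proto, client_ip, server_ip, server_port)
    sessions: set = field(default_factory=set)

    def permit(self, src_zone, dst_zone, proto, dst_port):
        self.rules.setdefault((src_zone, dst_zone), set()).add((proto, dst_port))

    def decide(self, pkt):
        # 1. Replies to an already permitted session pass (stateful inspection)
        if (pkt.proto, pkt.dst_ip, pkt.src_ip, pkt.src_port) in self.sessions:
            return "permit (return traffic)"
        # 2. More trusted -> less trusted needs no special configuration
        if TRUST[pkt.src_zone] > TRUST[pkt.dst_zone]:
            self.sessions.add((pkt.proto, pkt.src_ip, pkt.dst_ip, pkt.dst_port))
            return "permit (trusted to untrusted)"
        # 3. Less trusted -> more trusted (or same zone, in this model) only via an explicit rule
        if (pkt.proto, pkt.dst_port) in self.rules.get((pkt.src_zone, pkt.dst_zone), ()):
            self.sessions.add((pkt.proto, pkt.src_ip, pkt.dst_ip, pkt.dst_port))
            return "permit (explicit rule)"
        # 4. Anything else is denied implicitly
        return "deny (implicit)"


def run_demo():
    # Constructed sample flows using documentation address ranges
    fw = Firewall()
    fw.permit("outside", "dmz", "tcp", 80)   # internet may reach the DMZ web server
    fw.permit("outside", "dmz", "tcp", 443)
    return {
        "inside->outside https": fw.decide(Packet("inside", "outside", "tcp", 40000, 443, "10.0.0.5", "203.0.113.7")),
        "reply outside->inside": fw.decide(Packet("outside", "inside", "tcp", 443, 40000, "203.0.113.7", "10.0.0.5")),
        "outside->dmz http": fw.decide(Packet("outside", "dmz", "tcp", 51000, 80, "203.0.113.7", "192.0.2.10")),
        "outside->dmz telnet": fw.decide(Packet("outside", "dmz", "tcp", 51001, 23, "203.0.113.7", "192.0.2.10")),
        "outside->inside smb": fw.decide(Packet("outside", "inside", "tcp", 51002, 445, "203.0.113.7", "10.0.0.5")),
    }
```

The reply from the outside web server is accepted only because the inside client's outbound session was recorded first; the unsolicited SMB and Telnet attempts from outside fall through to the implicit deny.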

Upon completion of this chapter, you will understand:

  • The uses of different types of firewalls
  • The significance of IPS in network security
  • How VPNs can be used to securely access remote networks
  • The benefits of ESA and WSA
  • The different endpoint security tools