When designing a firewall system and its corresponding security policy, a number of
questions should be answered. The first question involves the company's expected level of
security. Is the company trying to restrict all access to services not deemed essential to the
business? Or does the company wish to allow all or most types of transactions, thus asking the
firewall system only to audit transactions and create an orderly request for transactions?
Restricting all access to services not deemed essential requires a more elaborate firewall system
and thus more work and expense. Allowing most types of transactions requires a simpler system
that only performs queue management operations and creates an audit trail.
A second question stems from the first decision: How much money is the company willing
to invest in a firewall system? Commercially purchased firewall systems can be powerful,
complex, and expensive. It is possible, however, to construct a home-grown firewall system that
takes advantage of the capabilities of existing equipment, such as routers and network operating
systems. As we saw earlier, it is possible to restrict access into a system based on time of day,
day of week, and location. It is also possible to use existing software to create an audit trail of all
incoming and outgoing transactions. Depending on the detail of auditing required, additional
software can be purchased and installed that will work in concert with network operating system
software to provide any desired level of audits.
Similarly, many routers can be programmed to restrict access to certain kinds of traffic. A router
can be programmed to accept and reject requests with specific IP addresses or a range of IP addresses.
Routers can also be programmed to deny access to certain port addresses at the TCP level.
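
The router filtering just described, combined with the two policy stances from the first question, can be modeled as an ordered rule list with a default action. The Python below is an added example, not taken from the original text; the names `Rule`, `PacketFilter` and `compare`, the rules, and the addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                     # "permit" or "deny"
    source: str                     # single IP address or CIDR range
    dst_port: Optional[int] = None  # None matches any TCP port

    def matches(self, src_ip: str, dst_port: int) -> bool:
        in_range = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source)
        return in_range and self.dst_port in (None, dst_port)

class PacketFilter:
    """First-match filter: rules are checked in order, then the default applies."""

    def __init__(self, rules, default_action):
        self.rules = list(rules)
        self.default_action = default_action
        self.audit_trail = []  # every decision is recorded, permitted or not

    def check(self, src_ip: str, dst_port: int) -> str:
        action, reason = self.default_action, "default"
        for number, rule in enumerate(self.rules, start=1):
            if rule.matches(src_ip, dst_port):
                action, reason = rule.action, f"rule {number}"
                break
        self.audit_trail.append((src_ip, dst_port, action, reason))
        return action

# Constructed sample rules; addresses are documentation ranges (RFC 5737).
RULES = [
    Rule("deny", "203.0.113.0/24"),        # reject a whole range of addresses
    Rule("deny", "0.0.0.0/0", 23),         # deny the Telnet port to everyone
    Rule("permit", "198.51.100.10", 22),   # one specific host may reach SSH
    Rule("permit", "0.0.0.0/0", 443),      # HTTPS is open to all sources
]

# Same rules, opposite stances: block what is not listed vs. allow and audit.
restrictive = PacketFilter(RULES, default_action="deny")
permissive = PacketFilter(RULES, default_action="permit")

def compare(src_ip: str, dst_port: int):
    """Return (restrictive decision, permissive decision) for one request."""
    return restrictive.check(src_ip, dst_port), permissive.check(src_ip, dst_port)

if __name__ == "__main__":
    for packet in [("203.0.113.7", 443), ("192.0.2.5", 23), ("192.0.2.5", 8080)]:
        print(packet, compare(*packet))
```

The two filters disagree only on traffic that no rule mentions, which is where the choice of default decides how much the firewall actually restricts.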
A third question relates to the company's commitment to security. If the company is serious
about restricting access to the corporate network through a link such as the Internet, will the
company be equally serious about supporting security on any and all other links into the
corporate network environment? Dial-up modem access, wireless network access, and other
telecommunication links should also be considered when making security decisions. Fax
machines, both stand-alone and computer-based, as well as removable disk media are two more
examples of how data may enter or leave a corporation. Any security policy must take these
entrance and exit points, as well as the Internet, into consideration.
Having a well-designed security policy in place will make the jobs of network support staff
clearer. The staff employees will know what the network users can and cannot access and where
they can and cannot go. A well-designed security policy will make enforcement more
straightforward, and it will allow the staff to react properly to specific security requests. The
policy will also make clear the goals and duties of network employees in enforcing security with
respect to requests from the outside. If there is a good security policy, the users themselves will
have a better understanding of what they can and cannot do. This understanding will hopefully
assist the network staff in conducting their jobs and will allow the company to maintain security
in an increasingly insecure world.
Perhaps because companies have well-designed security policies in place, many people who
use the Internet to purchase items online are growing comfortable with the fact that, if they
transfer credit card information during a secure session, their data is safe from hackers and other
eavesdroppers. This sense of security may change, however, because the Internet Engineering
Task Force is considering whether to allow a backdoor entry into all Internet traffic. This
backdoor entry would allow authorized persons to intercept any data traffic on the Internet. Since
this proposal appears to be a violation of privacy, why would anyone want to create such a
At the core of the argument is the fact that standard telephone systems currently allow
agencies of the U.S. government to wiretap communications. This wiretap occurs at the
telephone central office and is built into central office telephone switches.
The act that allows wiretapping (the Communications Assistance for Law Enforcement Act)
has been in existence since 1994. Now that the Internet is beginning to carry voice traffic, should
it also be possible for the U.S. government to wiretap voice transactions on the Internet? As one
critic of the proposal states, if they can tap voice, then they can tap data. Furthermore, if the
designers of the Internet create such a backdoor, it is also possible that this knowledge could fall
into the wrong hands and be used for criminal intent.
This issue is further complicated by the fact that many businesses presently encrypt all data
leaving the corporate network. Most encryption techniques used by businesses are so effective
that virtually no one, including the government, can crack them. If the network does the
encryption just before the data leaves corporate boundaries, then it would be the responsibility of
the corporate network support personnel to provide the U.S. government, if asked, with
unencrypted data. If, on the other hand, the encryption is applied at the user workstation before it
is inserted onto the corporate network, who will supply the U.S. government with the
unencrypted data? Clearly, this issue will be hotly debated for some time to come.
Despite the fact that a company may have a well-designed security policy in place, external
events are making this area more complex all the time.
1, deem [di:m]
3, wiretap ['waiə,tæp]