As we know that the building blocks of a good firewall system are as follows:
1. Perimeter Router
The main reason for using it is to provide a link to the public networking system like the internet, or a distinctive organization. It performs the routing of data packets by following an appropriate routing protocol.
It also provisions the filtering of packets and addresses translations.
2. Firewall
Its main task is to provisions distinctive levels of security and supervises traffic among each level. Most of the firewall exists near the router to provide security from external threats but sometimes present in the internal network also to protect from internal attacks.
3. VPN
Its function is to provisions a secured connection among two machines or networks or a machine and a network. This consists of encryption, authentication, and, packet-reliability assurance. It provisions the secure remote access of the network, thereby connecting two WAN networks on the same platform while not being physically connected.
4. IDS
Its function is to identify, preclude, investigate, and resolve the unauthorized attacks. A hacker can attack the network in various ways. It can execute a DoS attack or an attack from the backside of the network through some unauthorized access. An IDS solution should be smart enough to deal with these types of attacks.
IDS solution is of two kinds, network-based and host-based. A network-based IDS solution should be skilled in such a way whenever an attack is spotted, can access the firewall system and after logging into it can configure an efficient filter that can restrict the unwanted traffic.
A host-based IDS solution is a kind of software that runs on a host device such as a laptop or server, which spots the threat against that device only. IDS solution should inspect network threats closely and report them timely and should take necessary actions against the attacks.
All these are needed to design an impactful Firewall System.
7-Important Facts To Remember When You Design Firewall System
-
A Packet-filtering firewall should be used at the boundary of the network to give enhanced security.
-
Every server having exposure to a public network such as the Internet will be placed in DMZ. Servers having crucial data will be equipped with host-based firewall software within them. In addition to these on servers, all unwanted services should be disabled.
-
If your network is having critical database servers such as HLR server, IN, and SGSN which is used in mobile operations, then multiple DMZ will be deployed.
-
If external sources such as far-end organizations want to access your server placed in an internal network of security system then use VPN.
-
For crucial internal sources, such as R&D or financial sources, IDS should be used to monitor and deal with internal attacks. By imposing levels of security separately, extra security can be provided to the internal network.
-
For e-mail services, all outgoing emails should be pass through the DMZ e-mail server firstly and then some extra security software so that internal threats can be avoided.
-
For incoming e-mail, in addition to the DMZ server, antivirus, spam, and host-based software should be installed and run on the server every time a mail enters the server.
This Article Was Written & published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.
Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...
She is so obsessed with Cybersecurity domain that she is going out of her way and sharing hugely valuable posts and writings about Cybersecurity on website, and social media platforms.
34,000+ professionals are following her on Facebook and mesmerized by the quality of content of her posts on Facebook.
If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:
Click Here to follow her: Cybersecurity PRISM