Establishing firewall policy

Southcon/96 Conference Record Pub Date : 1996-06-25 DOI:10.1109/SOUTHC.1996.535065

S. Cobb

{"title":"Establishing firewall policy","authors":"S. Cobb","doi":"10.1109/SOUTHC.1996.535065","DOIUrl":null,"url":null,"abstract":"One in five respondents to an Information Week/Ernst and Young Security Survey admitted that intruders had broken into, or had tried to break into, their corporate networks, via the Internet, during the preceding twelve months. Unfortunately, there is a growing impression that all of the security problems associated with internetworking can be fixed by deploying a firewall. True, many of the commercially-available firewall products are very powerful and firewalls deserve to be near the top of the agenda for organizations who have, or are thinking about creating, a connection between their network and another network. However, firewalls, at least in the narrow sense of the term, are not the whole answer. Broadly speaking a firewall is a system or group of systems that enforces an access control policy between two networks. More specifically, a firewall is a collection of components or a system that is placed between two networks and possesses the following properties: all traffic from inside to outside, and vice-versa, must pass through it; only authorized traffic, as defined by the local security policy, is allowed to pass through it; and the system itself is immune to penetration. In other words, a firewall is a mechanism used to protect a trusted network from an untrusted network.","PeriodicalId":199600,"journal":{"name":"Southcon/96 Conference Record","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1996-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Southcon/96 Conference Record","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SOUTHC.1996.535065","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

One in five respondents to an Information Week/Ernst and Young Security Survey admitted that intruders had broken into, or had tried to break into, their corporate networks, via the Internet, during the preceding twelve months. Unfortunately, there is a growing impression that all of the security problems associated with internetworking can be fixed by deploying a firewall. True, many of the commercially-available firewall products are very powerful and firewalls deserve to be near the top of the agenda for organizations who have, or are thinking about creating, a connection between their network and another network. However, firewalls, at least in the narrow sense of the term, are not the whole answer. Broadly speaking a firewall is a system or group of systems that enforces an access control policy between two networks. More specifically, a firewall is a collection of components or a system that is placed between two networks and possesses the following properties: all traffic from inside to outside, and vice-versa, must pass through it; only authorized traffic, as defined by the local security policy, is allowed to pass through it; and the system itself is immune to penetration. In other words, a firewall is a mechanism used to protect a trusted network from an untrusted network.

查看原文本刊更多论文

建立防火墙策略

在《信息周刊》/安永安全调查中，五分之一的受访者承认，在过去的12个月里，入侵者曾通过互联网侵入或试图侵入他们的公司网络。不幸的是，越来越多的人认为，所有与互联网相关的安全问题都可以通过部署防火墙来解决。的确，许多商业上可用的防火墙产品都非常强大，对于那些已经或正在考虑在其网络和另一个网络之间建立连接的组织来说，防火墙应该成为他们的首要任务。然而，防火墙，至少从狭义上讲，并不是全部的答案。从广义上讲，防火墙是在两个网络之间实施访问控制策略的一个系统或一组系统。更具体地说，防火墙是放置在两个网络之间的组件或系统的集合，具有以下属性:所有从内部到外部的流量，反之亦然，都必须经过它;只有本地安全策略定义的授权流量才允许通过;系统本身对渗透是免疫的。换句话说，防火墙是一种用于保护可信网络免受不可信网络攻击的机制。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Southcon/96 Conference Record

自引率

0.00%

发文量