Network Security: Firewall
The Need for Firewall Protection
The broadband explosion has provided Internet users with a better, faster solution than the traditional dial-up connections we've been used to over the years. That's the good news. The bad news is, broadband connections have some drawbacks, the most serious of which is the fact that they are "always on."
A connection that never shuts off is a hacker's dream. Why? Think of it like this. Would you leave your new sports car unlocked, with the keys in the ignition and the engine running all day long? Not if you don't want it stolen. Hackers like "always-on" connections like DSL, cable modems and T1 lines because they're always there and they're predictable. This isn't to say that broadband connections are bad. Quite the contrary. Broadband is a great technology. Users just need to make sure they're using the appropriate level of protection that a firewall solution can offer.
Hacking, whether it's into your company's network or your personal computer at home, can have serious consequences. For example:
- Lost Data - What if someone deleted data on your company's network? What if you didn't have that data backed up? How much would that cost you?
- Down Time - Don't you hate it when a customer calls and you have to tell them your server is down? Do you think that customer is going to buy from one of your competitors? Probably.
- Computer Jacking - Do you like impersonators? Well, hackers who get control of your computer can launch attacks against other networks using your computer. When the cyber police find out, guess who they're going to be looking for?
Attacks, like those previously mentioned, occur in many forms. Some are minor while others create havoc and do a lot of damage. Here are some others that you need to protect your network against:
- Denial of Service (DoS) - Denial of Service attacks are designed to prevent users from accessing a service or resource like a company's public Web site on the Internet.
- Viruses - A virus is a computer program that attaches itself to another program and spreads from file to file when that program is run.
- Worms - Worms are similar to viruses, except that instead of spreading from file to file, they spread from computer to computer.
- Trojan Horses - Like the ancient Greek saga, a Trojan horse is a gift with a little something extra inside. Unfortunately this "gift" usually causes serious problems for your computer.
Firewall Functionality
Firewalls are a great way to protect your business or home network against attacks from intruders. They're designed to defend against attack by implementing a series of rules that permit, or deny, traffic to pass between your network and the Internet. Based on the way these rules are set, the inbound and outbound flow of information may be extremely tight or very relaxed. The trick is to maintain a balance between your company's need for security and your employees' need to get their work done without interference.
So what else do firewalls do besides screening email and Web requests? In general, firewalls should have the following functions at a minimum:
- Stateful Packet Inspection - Stateful Packet Inspection is a smarter form of packet filtering, which inspects the headers of network "packets." It blocks any packet arriving at the firewall that claims to be a solicited response but does not match a connection the firewall is tracking.
- Network Address Translation (NAT) - NAT is a technique that hides the IP addresses of your internal computers from prying eyes by replacing them with a single public IP address.
- Application Proxy - This service allows firewalls to inspect more than just packet headers before deciding whether or not to allow a packet to pass through.
- Monitoring and Logging - Keeping records of attacks is important. It will help you analyze your security needs and provide you with feedback on the performance of your firewall.
As good as firewalls are at defending your network against unwanted intrusions, they can't protect against everything. What threats can't they protect against? Here are a few:
- Malicious Authorized Users - These are people on the internal network who are already behind the firewall, which makes this threat difficult to defend against.
- Social Engineering - Sometimes hackers obtain information by calling employees and posing as a co-worker or someone else in the company doing a routine check.
- Viruses, Worms and Trojan Horse Programs - Firewalls scan network traffic for these threats; however, the programs are changing constantly, making them hard to detect.
- Poor Network Administration - A firewall is only as effective as its programming. It's up to the network administrator to determine which network traffic should be allowed to pass and which shouldn't.
The SonicWALL Solution
SonicWALL Internet security appliances are built on stateful inspection firewall technology, the most effective way to protect network access. Stateful inspection technology tracks each packet traversing the firewall and makes sure that it is legitimate. A stateful inspection firewall also monitors the state of the connection and compiles the information in a state table, ensuring that the source and destination of each packet are valid. This enterprise-class technology is designed into every SonicWALL Internet security appliance.
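The state table idea described above, as an added sketch in Python (not SonicWALL code): outbound connections create state, and an inbound packet is allowed only if it mirrors a tracked flow. The LAN range, addresses, ports and flag handling are constructed assumptions, and sequence-number checks are omitted.

```python
import ipaddress
from collections import namedtuple

LAN = ipaddress.ip_network("192.168.1.0/24")   # assumed internal range
Packet = namedtuple("Packet", "src sport dst dport flags")
F = frozenset


class StateTable:
    """Toy stateful filter: outbound opens state, inbound must match it."""

    def __init__(self):
        self.flows = {}   # (lan_ip, lan_port, remote_ip, remote_port) -> state

    def inspect(self, pkt):
        if ipaddress.ip_address(pkt.src) in LAN:          # outbound
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == {"SYN"}:
                self.flows[key] = "SYN_SENT"              # new tracked flow
                return "ALLOW"
            if key not in self.flows:
                return "DROP"                             # mid-stream, no state
            if "RST" in pkt.flags:
                del self.flows[key]
            return "ALLOW"
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)    # inbound: mirror key
        state = self.flows.get(key)
        if state is None:
            return "DROP"              # unsolicited, whatever its flags claim
        if "RST" in pkt.flags:
            del self.flows[key]        # peer reset: forget the flow
        elif state == "SYN_SENT":
            if pkt.flags != {"SYN", "ACK"}:
                return "DROP"          # wrong handshake step
            self.flows[key] = "ESTABLISHED"
        return "ALLOW"


def run_demo():
    """Verdicts for a constructed packet sequence (all values are samples)."""
    fw, lan, web = StateTable(), "192.168.1.10", "203.0.113.5"
    packets = [
        Packet(lan, 40000, web, 443, F({"SYN"})),             # client opens
        Packet(web, 443, lan, 40000, F({"SYN", "ACK"})),      # solicited reply
        Packet(lan, 40000, web, 443, F({"ACK"})),             # handshake done
        Packet("198.51.100.9", 443, lan, 40001, F({"ACK"})),  # fake "reply"
        Packet(web, 443, lan, 40000, F({"RST"})),             # peer resets
        Packet(web, 443, lan, 40000, F({"ACK"})),             # after teardown
    ]
    return [fw.inspect(p) for p in packets]
```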
SonicWALL Firewalls:
- Act as a control portal between a protected network and an unsecured network
- Restrict the entrance and exit of traffic based on policies maintained by a network administrator
So far we've talked about how firewalls work, the need for firewall protection and what firewalls can and can't do. Now, let's take a look at your best defense against malicious attacks - the SonicWALL solution. SonicWALL offers a complete line of award-winning Internet Security Appliances (Hardware Firewalls) and Security Applications to protect your customers' networks against attack.
SonicWALL appliances provide secure access to organizations that use the Internet to share confidential information with remote offices, telecommuters, mobile users and partners. No matter what your customers' organizational structure, SonicWALL has the solution to meet their Internet security needs.
SonicWALL's Internet Security Applications provide customers with solutions for integrated Internet security, branch office security and remote access security. Combined with SonicWALL's low total-cost-of-ownership and incredible ease-of-use, these products and integrated applications form a powerful defense against network attacks.
SonicWALL offers your customers a complete security solution by delivering services such as:
- Stateful Packet Inspection Firewall
- Virtual Private Networking (VPN)
- Network Anti-Virus
- Content Filtering
- 8x5 or 24x7 Support Packages!
- Wizard for Easy Installation and Management
OVERVIEW
Networking technology continues to advance at a rapid pace, making it difficult to keep up with the latest innovations. Providing rock-solid security is even more challenging, especially for small businesses and network administrators with limited IT resources. Deploying and managing a complex network security product simply isn't an option. You need a reliable, flexible, easy-to-use solution that delivers business-class security at a price that won't break your budget.
The SonicWALL TZ 180 is part of SonicWALL's line of defense, offering the ultimate total security platform for home, small, remote and branch office deployments. With integrated support for SonicWALL's Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, the TZ 180 delivers real-time protection against viruses, spyware, worms, Trojans and other malicious threats. The TZ 180 also combines built-in anti-spam protection and support for SonicWALL's Content Filtering Service to provide enhanced productivity and network utilization. Available in multiple node configurations, the TZ 180 scales to protect your investment as your organization grows, allowing you to add features and functionality when your network needs them.
Utilizing SonicWALL's feature-rich SonicOS operating system, the TZ 180 offers a choice between absolute ease-of-use for basic networks and unsurpassed flexibility for networks with more complex needs. SonicOS Standard, included with every TZ 180, allows rapid deployment in basic networks with a user-friendly Web interface and powerful wizards. Building upon SonicOS Standard, SonicOS Enhanced is an optional software upgrade that provides advanced features including WAN ISP Failover, Distributed Wireless LAN capabilities (with SonicPoints), Object-based Management and Policy-based NAT for more complex network installations.
Features and Benefits
SonicOS Standard, which ships on every SonicWALL TZ 180, includes:
- Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention. The TZ 180 extends security from the network core to the perimeter by integrating support for SonicWALL's Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, delivering real-time protection against the latest blended threats, including viruses, spyware, worms, Trojans, software vulnerabilities and other malicious code.
- Powerful Content Filtering. The TZ 180 supports SonicWALL's Content Filtering Service, providing an enterprise-class, scalable content filtering service that enhances productivity and security without requiring additional server or deployment costs.
- Deep Packet Inspection Firewall. The TZ 180 features a configurable, high performance deep packet inspection firewall for extended protection to key Internet services such as Web, e-mail, file transfer, Windows services, and DNS.
- WorkPort. The SonicWALL TZ 180 includes an optional port that can be configured as a WorkPort, creating an independent, isolated zone of trusted network security that protects corporate networks from malicious attacks that can occur when telecommuters share broadband Internet access with networked home computers.
- Comprehensive Central Management Support. Every SonicWALL Internet security appliance can be managed using SonicWALL's award-winning Global Management System, which provides network administrators with the tools for simplified configuration, enforcement and management of global security policies, VPN, and services, all from a central location.
SonicOS Enhanced, an optional software upgrade for the SonicWALL TZ 180, adds:
- Real-Time Blacklist Spam Filtering. The TZ 180 provides the ability to use DNS to query Real-Time Black List (RBL) services that track well-known spam and open-relay SMTP servers, and to deny SMTP connections from servers that appear on the lists.
- Configurable Optional Port. Upgrading to SonicOS Enhanced allows the optional port on the TZ 180 Wireless to be configured either as an additional LAN, WAN, DMZ or WLAN offering greater network configuration flexibility as well as internal security.
- WAN ISP Failover and Load Balancing. The SonicWALL TZ 180 offers the ability to configure the optional port as a secondary WAN port, delivering highly reliable network connectivity and robust performance. This secondary WAN port can be used in "active-active" load sharing or failover configuration providing a highly efficient method for maximizing total network bandwidth.
- Object-based Management. The SonicWALL TZ 180 provides the ability to define an object such as a user group, network address range, service or interface. When security policies change, the administrator can modify the pre-defined object and propagate the changes instantly without redefining rules, enabling businesses to implement and manage security policies easily and consistently.
- Policy-based NAT. In addition to standard NAT (many-to-one) functionality, the SonicWALL TZ 180 also exposes control of NAT policies to administrators for one-to-one NAT, many-to-many NAT, one-to-many NAT, inbound Port Address Translation (PAT), flexible NAT (for overlapping IP addresses), as well as NAT policies on selective source/destination/source translations. The result is greater control and flexibility to support and manage various NAT requirements.
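The DNS lookup behind the Real-Time Blacklist item above, as an added Python sketch (not SonicOS code): the connecting server's IPv4 octets are reversed, the list's zone is appended, and an answer in 127.0.0.0/8 means "listed". The zone `dnsbl.example`, the sample addresses and the stand-in resolver are constructed assumptions so the example runs offline.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.example"   # placeholder zone, not a real RBL service
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(client_ip, zone=DNSBL_ZONE):
    """Reverse the IPv4 octets and append the list's zone."""
    addr = ipaddress.IPv4Address(client_ip)      # ValueError on bad input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def is_listed(client_ip, resolve=socket.gethostbyname, zone=DNSBL_ZONE):
    """True only if the list answers with an address in 127.0.0.0/8."""
    try:
        answer = resolve(dnsbl_query_name(client_ip, zone))
    except OSError:
        # NXDOMAIN or lookup failure: treated as "not listed" here
        # (failing open is a policy choice made for this example).
        return False
    # A non-127/8 answer (e.g. a resolver rewriting NXDOMAIN) is not a listing.
    return ipaddress.ip_address(answer) in LISTED_NET


def smtp_verdict(client_ip, resolve=socket.gethostbyname):
    """Decision the gateway would apply to an incoming SMTP connection."""
    return "deny" if is_listed(client_ip, resolve) else "accept"


# Constructed answers standing in for DNS.
FAKE_ZONE = {
    "7.113.0.203.dnsbl.example": "127.0.0.2",     # listed sender
    "8.113.0.203.dnsbl.example": "198.51.100.1",  # rewritten NXDOMAIN answer
}


def fake_resolve(name):
    """Offline stand-in for socket.gethostbyname."""
    if name not in FAKE_ZONE:
        raise socket.gaierror("NXDOMAIN")
    return FAKE_ZONE[name]
```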