Firewalls as an Internet Security Tool

Sep 09, 1994

Abstract

The current level of security in the Internet seems secure only to the
totally oblivious. One practical action to guard security domains
against untrusted networks is the physical separation of the
demilitarized zone from the rest of the Internet, allowing only a few
dedicated machines to transmit data between them according to
established policies: firewall routers.

Determining a suitable network topology and configuration of firewalls
is a process that includes the definition of a security policy, a
formal description of allowed and denied traffic in terms of a logical
expression of packet fields, and its implementation. Purpose,
topologies, capabilities, and limitations of firewalls are worth
examining, as well as how firewalls work in the presence of vital
Internet services.

There are some currently open questions including the
integration of firewall technology with emerging information and
multimedia services, windowing systems, formal specification
of filtering rules, and the presence of gigabit networking.