Controlling digital access into and out of an organization is an important part of implementing network security. Most medium-sized and large companies have a presence on the internet and an organizational network connected to it. Partitioning the boundary between the outside internet and the internal network is a critical security measure. We use firewalls as a controlled barrier for network traffic in and out of the organizational intranet. A firewall can therefore be defined as follows:
“A firewall is a network security device, either hardware or software-based, which monitors all incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects or drops that specific traffic”
Firewalls control what is allowed to traverse from one side to the other. They can be configured to block network traffic to certain destinations, such as particular IP addresses or service ports. One problem for organizations is providing public access over the internet to services such as web, FTP and email while maintaining tight security of the internal network. The approach used to address this is a DMZ (demilitarized zone), a network area that sits between an internal network and an external network. Connections from the internal and external networks to the DMZ are permitted, but connections from the DMZ are permitted only to the external network; hosts in the DMZ may not connect to the internal network. This lets DMZ hosts provide services to the external network while protecting the internal network in case an intruder compromises a host in the DMZ.
In this setup, firewalls are configured to allow public access to the public servers, while the internal firewall restricts incoming connections. Internal firewalls at different intranet boundaries can limit damage from internal threats and from worms that have managed to compromise perimeter firewalls.
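The DMZ connection policy described above can be checked mechanically against a firewall rule list. The following is an added example, not code from the original post: the zone address ranges, the rule tuples and the `zones_touched` and `audit` helpers are constructed for illustration, and allowing internal-to-external traffic while denying external-to-internal traffic is an assumption the post does not state.

```python
import ipaddress

# Constructed zone layout (private ranges chosen for illustration).
ZONES = {
    "internal": ipaddress.ip_network("10.0.0.0/16"),
    "dmz": ipaddress.ip_network("192.168.100.0/24"),
}

# (source zone, destination zone) pairs where new connections are permitted.
# The first three come from the text; internal -> external is an assumption.
ALLOWED = {("internal", "dmz"), ("external", "dmz"),
           ("dmz", "external"), ("internal", "external")}

def zones_touched(cidr):
    """Return every zone that contains at least one address of the CIDR."""
    net = ipaddress.ip_network(cidr)
    touched = {name for name, zone in ZONES.items() if net.overlaps(zone)}
    # A range not fully inside a known zone also covers external addresses.
    if not any(net.subnet_of(zone) for zone in ZONES.values()):
        touched.add("external")
    return touched

def audit(rules):
    """List (rule index, src zone, dst zone) for accept rules that open a
    forbidden zone pair. Rule order is ignored, so a rule shadowed by an
    earlier drop is still reported (over-reporting, never under-reporting)."""
    findings = []
    for i, (action, src, dst, _port) in enumerate(rules):
        if action != "accept":
            continue
        for s in sorted(zones_touched(src)):
            for d in sorted(zones_touched(dst)):
                if s != d and (s, d) not in ALLOWED:
                    findings.append((i, s, d))
    return findings

# Constructed rule set: (action, source CIDR, destination CIDR, port).
RULES = [
    ("accept", "0.0.0.0/0", "192.168.100.10/32", 443),      # public web server
    ("accept", "10.0.0.0/16", "192.168.100.0/24", 22),      # admin access to DMZ
    ("accept", "192.168.100.10/32", "10.0.5.20/32", 5432),  # DMZ -> internal DB
    ("accept", "192.168.100.0/24", "0.0.0.0/0", 53),        # "any" includes internal
    ("drop", "0.0.0.0/0", "0.0.0.0/0", None),               # default deny
]

if __name__ == "__main__":
    for idx, src_zone, dst_zone in audit(RULES):
        print(f"rule {idx}: {RULES[idx]} permits {src_zone} -> {dst_zone}")
```

The fourth rule shows the common mistake: a DMZ rule with an "any" destination silently includes the internal network, so outbound DMZ rules need an explicit exclusion or a preceding drop for internal ranges.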
Many firewall brands are available on the market. Gartner, a world-leading research and advisory company, has categorized these brands into different sections: leaders, challengers, visionaries and niche players.
The Gartner Magic Quadrant depicts a market using a two-dimensional matrix that evaluates vendors on their Completeness of Vision and Ability to Execute. Vendors in the Leaders quadrant lead the market in offering new features that protect customers from emerging threats, provide expert capability rather than treating the firewall as a commodity, and have a good track record of avoiding vulnerabilities in their security products.
Very informative. Thank you...

Interesting. Great share!

Thank you.

Nice Prabod. Small clarification: if a firewall detects all the threats, why do we need a SOC to protect our organization?

Their purpose is different. A SOC within a building or facility is a central location from where staff supervises the site, using data processing technology. But a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network.