[ Thanks to Johan for this link. ]
“Nations without controlled borders cannot ensure the security
and safety of their citizens, nor can they prevent piracy and
theft. Networks without controlled access cannot ensure the
security or privacy of stored data, nor can they keep network
resources from being exploited by hackers. The communication
efficiency provided by the Internet has caused a rush to attach
private networks directly to it. Direct Internet connections make
it easy for hackers to exploit private network resources. Prior to
the Internet, the only widely available way for a hacker to connect
from home to a private network was by direct dialing with modems
and the public telephony network. Remote access security was a
relatively small issue.

“When you connect your private network to the Internet, you are
actually connecting your network directly to every other network
that’s attached to the Internet directly. There’s no inherent
central point of security control; in fact, there’s no inherent
security at all. Firewalls are used to create security checkpoints
at the boundaries of private networks. At these checkpoints,
firewalls inspect all packets passing between the private network
and the Internet and determine whether to pass or drop the packets
depending on how they match the policy rules programmed into the
firewall. If your firewall is properly configured, is capable of
inspecting every protocol you allow to pass, and contains no
serious exploitable bugs, your network will be as free from risk as
possible.

“There are literally hundreds of firewall products available,
and there are different theories from different security experts on
how firewalls should be used to secure your network. This article
will explore the operation of a generic firewall in detail, outline
the important features you need in a firewall, and discuss how
firewalls should be deployed in networks of any size…”