This book is a practical guide to building your own firewall. It provides step-by-step explanations of how to design and install a firewall at your site, and how to configure Internet services such as electronic mail, FTP, the World Wide Web, and others to work with a firewall. Firewalls are complex, though, and we can't boil everything down to simple rules. Too much depends on exactly what hardware, operating system, and networking you are using at your site, and what you want your users to be able to do, and not do. We've tried to give you enough rules, examples, and resources here so you'll be able to do the rest on your own.
What is a firewall, and what does it do for you? A firewall is a way to restrict access between the Internet and your internal network. You typically install a firewall at the point of maximum leverage, the point where your network connects to the Internet. The existence of a firewall at your site can greatly reduce the odds that outside attackers will penetrate your internal systems and networks. The firewall can also keep your own users from compromising your systems by sending dangerous information - unencrypted passwords and sensitive data - to the outside world.
The attacks on Internet-connected systems we are seeing today are more serious and more technically complex than those in the past. To keep these attacks from compromising our systems, we need all the help we can get. Firewalls are a highly effective way of protecting your site from these attacks. For that reason, we strongly recommend you include a firewall in your site's overall Internet security plan. However, a firewall should be only one component in that plan. It's also vital that you establish a security policy, that you implement strong host security, and that you consider the use of authentication and encryption devices that work with the firewalls you install. This book will touch on each of these topics while maintaining its focus on firewalls.
This book is divided into four parts:
Part I, Network Security, explores the problem of Internet security and focuses on firewalls as part of an effective strategy to solve that problem.
Chapter 1, Why Internet Firewalls?, introduces the major risks associated with using the Internet today; discusses what to protect, and what to protect it against; discusses various security models; and introduces firewalls in the context of what they can and can't do for your site's security.
Chapter 2, Internet Services, outlines the services users want and need from the Internet, and summarizes the security problems posed by those services.
Chapter 3, Security Strategies, outlines the basic security principles an organization needs to understand before it adopts a security policy and invests in specific security mechanisms.
Part II, Building Firewalls, describes how to build firewalls and configure services to run with them.
Chapter 4, Firewall Design, outlines the basic components and major architectures used in constructing firewalls: dual-homed hosts, screened hosts, screened subnets, and variations on these basic architectures.
Chapter 5, Bastion Hosts, presents step-by-step instructions on designing and building the bastion hosts used in many firewall configurations.
Chapter 6, Packet Filtering, describes how packet filtering systems work, and discusses what you can and can't accomplish with them in building a firewall.
Chapter 7, Proxy Systems, describes how proxy clients and servers work, and how to use these systems in building a firewall.
Chapter 8, Configuring Internet Services, describes how to configure each major Internet service to run with a firewall.
Chapter 9, Two Sample Firewalls, presents two sample configurations for basic firewalls.
Chapter 10, Authentication and Inbound Services, discusses the problem of allowing users to access your systems from the Internet, and describes a variety of authentication strategies and products.
Part III, Keeping Your Site Secure, describes how to establish a security policy for your site, maintain your firewall, and handle the security problems that may occur with even the most effective firewalls.
Chapter 11, Security Policies, discusses the importance of having a clear and well-understood security policy for your site, and what that policy should and should not contain. It also discusses ways of getting management and users to accept the policy.
Chapter 12, Maintaining Firewalls, describes how to maintain security at your firewall over time and how to keep yourself aware of new Internet security threats and technologies.
Chapter 13, Responding to Security Incidents, describes what to do when a break-in occurs, or when you suspect that your security is being breached.
Part IV, Apendixes, consists of the following summary appendixes:
Appendix A, Resources, contains a list of places you can go for further information and help with Internet security: World Wide Web pages, FTP sites, mailing lists, newsgroups, response teams, books, papers, and conferences.
Appendix B, Tools, summarizes the best freely available firewall tools and how to get them.
Appendix C, TCP/IP Fundamentals, contains background information on TCP/IP that is essential for anyone building or managing a firewall.