Security Beyond Firewalls

Is a firewall secure enough?

With the increase in cyber-terrorism and employee sabotage of company networks and IT systems, the need for tight enterprise-wide network security is crucial for businesses to survive. Many companies and organizations base their security around a firewall. But how secure is that firewall? A firewall offers only a perimeter protection. However, an external attacker would not assault the firewall unless it is known to be flawed, but instead concentrate on other weak points. These attackers may already have legitimate access to resources on the internal network, or may include a customer, a business partner, a home user, or another remote user.

A business partner, such as a used car dealer, is more likely to be less security conscious than a large car manufacturer. Therefore, an attacker would probably spawn an assault against the smaller company. After infiltrating their system, the attacker would continue into a host on the inside of the larger corporation by using legal connections. The majority of monetary losses generally result from insiders who are not blocked by a firewall.

Security beyond firewalls

A part of the solution is to partition the internal network into secure domains. Think of this as building a ship with watertight compartments. Having such compartments allows us to use secure gateways to control accesses between them. They also ease the task of removing unwanted guests. Unless we are completely sure when the intrusion started, how it was performed and what back doors the intruder has created or used, all systems within the domain must be completely restored. This is a time-consuming task, and if the systems are large, or have to operate 24 hours a day, year-round, then the task can be almost impossible to do.

Internal security domains must be created. The domains must have strong external protection and only authenticated users have access to the servers within. External traffic to the domain should be encrypted to prevent password sniffing and packet modification. What do we expect from such a security system? This depends on what security demands there are, on how large the internal system is, and how many domains are created. In general, the following aspects should be considered:

· Dynamic application access control - to protect servers and services applications based on the user's identity, location and time.

· Scalability - the security gateway must be able to handle 10-100 Mbit/s speed and should be scalable since the demands will increase from day one.

· Reliability - the security gateway will be a central node and will affect reliability of the whole system.

· Strong security - use of known ciphers with long enough encryption keys (> 75 to 90 bits).

· Flexibility - allow different type of authentication methods and client platforms.

 

Why one needs this security

There are three major reasons why all computer networks need this type of security:

1. The protocols are insecure. All Internet connected computers, as well as most computers in use today, are based on TCP/IP. However, all underlying protocols lack security (e.g. DNS, ICMP, ARP, etc.). There are absolutely no means within the protocol to ensure that the system is talking to the right recipient on the other end.

2. The operating systems are unable to protect themselves. For all major operating systems, there are security related bug reports published almost every day.

3. Most applications lack security. Also, most application programmers seem to believe that if they can communicate with another party, then it is someone else's problem to make the connection secure. These three factors are the major reason why Internet and also internal connected systems need additional protection by a secure system, which goes beyond the firewall.