Handbook of Information Security Management:Communications Security



USING FIREWALLS EFFECTIVELY

Choosing the Right Firewall

Choosing the right firewall is not an easy task. Each type of firewall offers its own set of advantages and disadvantages. Combined with the vast array of vendor firewall products (in addition to the possibility of creating one’s own custom-built firewall), this task can be potentially overwhelming. Schultz (1996a) has presented a set of criteria for selecting an appropriate firewall. One of the most important considerations is the amount and type of security needed. For some organizations with low to moderate security needs, installing a packet-filtering firewall that blocks out only the most dangerous incoming service requests often provides the most satisfactory solution because the cost and effort entailed are not likely to be great. For most organizations such as banks and insurance corporations, packet-filtering firewalls do not generally provide sufficient security capabilities (especially the granularity and control against unauthorized actions usually needed for connecting customers to services that reside within a financial or insurance corporation’s network). Other factors such as the reputation of the vendor, how satisfactory vendor support arrangements are, verifiability of the firewall’s code (to confirm that the firewall does what the vendor claims it does), support for strong authentication, ease of administration, the ability of the firewall to withstand direct attacks, and the quality and extent of logging and alarming capabilities should also be strong considerations in choosing a firewall.

The Importance of a Firewall Policy

The discussion so far has centered on high-level technical considerations. Although these considerations are extremely important, too often people overlook other considerations that, if neglected, can render firewalls ineffective. The most important single consideration in effectively using firewalls is, in fact, developing a firewall policy. A firewall policy is a statement of how a firewall should work — the rules by which incoming and outgoing traffic should be allowed or rejected (Power, 1995). A firewall policy, therefore, is a type of security requirements document for a firewall. As security needs change, firewall policies need to change accordingly. Failing to create and update a firewall policy for each firewall almost inevitably results in gaps between expectations and what each firewall actually does, resulting in uncontrolled security exposures in firewall functionality. Security administrators may, for example, think that all incoming HTTP requests are blocked, but the firewall may actually allow HTTP requests from certain IP addresses, leaving an unrecognized avenue of attack. An effective firewall policy should provide the basis for firewall implementation and configuration; needed changes in the way the firewall works should always be preceded by changes in the firewall policy. An accurate, updated firewall policy also should serve as the basis for evaluating and testing a firewall.
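The gap described above, where a forgotten exception allows HTTP that the policy says is blocked, can be found mechanically by comparing the written policy with the rule base. The following is an added example, not taken from the handbook; the rule format, the addresses, and the function names are constructed for illustration, and it assumes first-match-wins rule evaluation with a default deny.

```python
import ipaddress

# Constructed rule base in a simplified, hypothetical format (first match wins):
# (action, protocol, source CIDR, destination port or None for any port)
RULES = [
    ("allow", "tcp", "203.0.113.0/28", 80),  # old exception nobody remembers
    ("allow", "tcp", "0.0.0.0/0", 25),
    ("deny", "tcp", "0.0.0.0/0", 80),
    ("deny", "any", "0.0.0.0/0", None),
]

# Constructed policy statements: inbound traffic the written policy says is blocked.
POLICY_BLOCKED = [("tcp", "0.0.0.0/0", 80), ("tcp", "0.0.0.0/0", 23)]


def subtract(nets, cut):
    """Return the networks in `nets` with the address space of `cut` removed."""
    out = []
    for n in nets:
        if not n.overlaps(cut):
            out.append(n)                        # untouched by this rule
        elif not n.subnet_of(cut):
            out.extend(n.address_exclude(cut))   # cut lies strictly inside n
        # otherwise n is fully covered by cut and disappears
    return out


def policy_gaps(rules, blocked):
    """List (proto, port, source, rule number) where a rule allows blocked traffic."""
    gaps = []
    for proto, src, port in blocked:
        remaining = [ipaddress.ip_network(src)]  # sources no earlier rule has matched
        for idx, (action, r_proto, r_src, r_port) in enumerate(rules, 1):
            if r_proto not in ("any", proto) or r_port not in (None, port):
                continue
            r_net = ipaddress.ip_network(r_src)
            # Part of the still-unmatched space that this rule decides.
            hit = [n if n.subnet_of(r_net) else r_net
                   for n in remaining if n.overlaps(r_net)]
            if action == "allow":
                gaps += [(proto, port, str(h), idx) for h in hit]
            remaining = subtract(remaining, r_net)
    return gaps


if __name__ == "__main__":
    for proto, port, source, rule_no in policy_gaps(RULES, POLICY_BLOCKED):
        print(f"policy blocks {proto}/{port}, but rule {rule_no} allows it from {source}")
```

Because earlier rules consume address space before later ones are considered, an allow rule that sits behind a covering deny is correctly not reported.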

Security Maintenance

Many people who employ firewalls feel a false sense of security once the firewalls are in place. Properly designing and implementing firewalls, after all, can be difficult, costly, and time consuming. The truth, however, is that firewall design and implementation are simply the beginning point of having a firewall, and that firewalls that are not properly maintained soon lose their value as security control tools (Schultz, 1995). One of the most important facets of firewall maintenance is updating both the security policy and rules by which each firewall operates. Firewall functionality nearly invariably needs to change as new services and applications are introduced in (or sometimes removed from) a network. Undertaking the task of inspecting firewall logs on a daily basis to discover attempted and possibly successful attacks on both the firewall and the internal network it protects should be an extremely high priority. Evaluating and testing the adequacy of firewalls for unexpected access avenues to the security perimeter and vulnerabilities that lead to unauthorized access to the firewall itself should also be a frequent, high-priority activity (Schultz, 1996b).





The CISSP Open Study Guide Web Site

We are proud to bring to all of our members a legal copy of this outstanding book. Of course, this version is getting a bit old and may not contain all of the info that the latest version covers; however, it is one of the best tools you have to review the basics of security. Investing in the latest version would help you out in your studies and also show your appreciation to Auerbach for letting me use their book on the site.