Chapter 20 –  Firewalls and Proxy Servers
     David Ian Brussin

Chapter Contents:

   20.1    Introduction
   20.1.1    History and Background    Changing Network Models
   20.1.2    Progression of Network Security Mechanisms    Router Access Control Lists    Dedicated Host-based Firewall Applications    Purpose-built Firewall Appliances    Personal Firewalls
   20.2    Role of Network Security Mechanisms
   20.2.1    Perimeter Protection    Control of Allowed Paths    Intrusion Detection
   20.2.2    Additional Roles of the Firewall and Proxy Server    Intrusion Response    Encryption    Content Inspection    Caching
   20.3    Technical Detail: Firewalls
   20.3.1    Security Tasks    Authorization    Availability    Accounting and Audit
   20.3.2    Firewall Architectures    Rule Processing on Routing Devices    Packet-filtering Firewalls    Stateful Inspection Firewalls    Application Gateway Firewalls    Hybrid Firewalls
   20.3.3    Technical Detail: Proxy Servers
   20.4    Available and Emerging Technologies
   20.4.1    Consolidated Management Consoles
   20.4.2    Unified Intrusion Detection
   20.4.3    Unified Alerting and Reporting
   20.4.4    Content Vectoring
   20.4.5    Multifunction Devices
   20.4.6    Automated Allowed-Path Inspection
   20.5    Successful Deployment of Network Security Mechanisms
   20.5.1    Screened Subnet Firewall Architectures
   20.5.2    Management and Monitoring Strategies    Direct Console Method    Out-of-Band Method    Isolated In-Band Management    Full In-Band Management
   20.5.3    Firewall and Proxy Server Configuration and Management    Rule Creation    Implicit Rules and Default Configurations
   20.5.4    A Constantly Changing Security Landscape    Full Disclosure Security Forums and Resources    Vendor Security Alerts and Updates    Internal Technical Resources
   20.6    For Further Reading

copyright 2002-2006, Robert Gezelter, All Rights Reserved