computersecurityhandbook.com
Home  >  Fourth Edition  >  Chapter 20
Chapter 20 – Firewalls and Proxy Servers
     David Ian Brussin

Chapter Contents:

   20.1    Introduction
   20.1.1    History and Background
   20.1.1.1    Changing Network Models
   20.1.2    Progression of Network Security Mechanisms
   20.1.2.1    Router Access Control Lists
   20.1.2.2    Dedicated Host-based Firewall Applications
   20.1.2.3    Purpose-built Firewall Appliances
   20.1.2.4    Personal Firewalls
   20.2    Role of Network Security Mechanisms
   20.2.1    Perimeter Protection
   20.2.1.1    Control of Allowed Paths
   20.2.1.2    Intrusion Detection
   20.2.2    Additional Roles of the Firewall and Proxy Server
   20.2.2.1    Intrusion Response
   20.2.2.2    Encryption
   20.2.2.3    Content Inspection
   20.2.2.4    Caching
   20.3    Technical Detail: Firewalls
   20.3.1    Security Tasks
   20.3.1.1    Authorization
   20.3.1.2    Availability
   20.3.1.3    Accounting and Audit
   20.3.2    Firewall Architectures
   20.3.2.1    Rule Processing on Routing Devices
   20.3.2.2    Packet-filtering Firewalls
   20.3.2.3    Stateful Inspection Firewalls
   20.3.2.4    Application Gateway Firewalls
   20.3.2.5    Hybrid Firewalls
   20.3.3    Technical Detail: Proxy Servers
   20.4    Available and Emerging Technologies
   20.4.1    Consolidated Management Consoles
   20.4.2    Unified Intrusion Detection
   20.4.3    Unified Alerting and Reporting
   20.4.4    Content Vectoring
   20.4.5    Multifunction Devices
   20.4.6    Automated Allowed-Path Inspection
   20.5    Successful Deployment of Network Security Mechanisms
   20.5.1    Screened Subnet Firewall Architectures
   20.5.2    Management and Monitoring Strategies
   20.5.2.1    Direct Console Method
   20.5.2.2    Out-of-Band Method
   20.5.2.3    Isolated In-Band Management
   20.5.2.4    Full In-Band Management
   20.5.3    Firewall and Proxy Server Configuration and Management
   20.5.3.1    Rule Creation
   20.5.3.2    Implicit Rules and Default Configurations
   20.5.4    A Constantly Changing Security Landscape
   20.5.4.1    Full Disclosure Security Forums and Resources
   20.5.4.2    Vendor Security Alerts and Updates
   20.5.4.3    Internal Technical Resources
   20.6    For Further Reading

copyright 2002-2006, Robert Gezelter, All Rights Reserved