Broadband - Exchange
Login Scripts - Net Admin
Outlook - Windows Mobile
Windows
Email Access (both
inbound and outbound)
Remote Access to
Your Network (VPN etc)
If you are using a broadband connection, you should have some kind of firewall protection. With these "Always On" type connections you become more vulnerable to attacks from outsiders. The main reasons for this are:
- Your machine will retain a fairly static IP address instead of getting a different one each time you connect
- You will be connected for a longer time, allowing a potential attacker more time to try different things on your machine
- Being on a broadband connection your machine become more valuable as the attacker wants to use your bandwidth.
While you cannot keep someone determined enough out of your machine, what you want to do is make it more difficult for any potential causal attacker. The idea is to make them give up and move on to someone without adequate firewall protection, rather than you be that one they move on to.
What is a Firewall?
A firewall is traditionally a device that sits between your machine and the Internet and deals with any data that comes in. When configured, it will allow in data that you have requested, or said that you want to allow in, while stopping anything that you are not interested in or didn't ask for.
More recently, "Software" firewalls have been created. These are applications that are installed on your machine that carry out the same task as traditional separate firewalls, without that requirement for a separate device.
You can also configure a Linux based machine to act as a firewall. This can provide a midway point between a software firewall and a dedicated machine. Many of the Linux based distributions will run on old computers which don't need hard drives, CD-ROMs or even keyboard or mouse. They just need a connection to your network, a connection to the Internet and a floppy disk drive.
Choosing the right type of firewall
There are many different reasons for choosing a firewall. Some of the scenarios are outlined in this table.
| Task | Software Based | Linux Based* | Dedicated Hardware |
| Protecting a single machine | ideal | not practical | not practical |
| Protecting multiple machines | not practical | ideal | ideal |
| Example Locations | |||
| Protecting machines at home | ideal | not practical | ideal |
| Protecting machines in a small office | not practical | ideal | ideal |
| Protecting machines in a larger office | unsuitable | unsuitable | ideal |
| Expanded Explanation | |
| ideal | This type of firewall is ideally suited to this task. Usually because it was designed for it. |
| not practical | While it could be used for this role, one of the others would be better suited. Another solution would be better suited for financial, maintenance or performance reasons. |
| unsuitable | For similar reasons as "not Practical" this type of firewall is unsuitable for the task as it will not be able to cope or provide the features required in that scenario. |
| * | If you have Linux skills, then some of the scenarios that outlined above as being "not practical" or "unsuitable" for a Linux based firewall may be different. |
The Different Types of Firewalls
There are three main types of firewall, which are often combined with other roles.
- Software based firewalls.
These are installed on a single machine and protect a single connection.
Windows XP and Windows 2003 Server have one built in called "Internet Connection Firewall".
Commercial products which offer more advanced features include Zone Alarm and Sygate Personal Firewall. - Linux based firewalls.
These are normal computers that have a version of Linux installed on them that provide the firewall features. - Dedicated hardware firewalls.
These are devices that have been designed to act purely as a firewall. Although some may be based on PC technology (the Cisco PIX is one example) the software and all other components have been optimised to provide the best performance.
The last two a very similar. As well as providing firewall features they are often combined with other network functions such as DHCP server, router, wireless access point and VPN end point. Many of the smaller devices aimed at the home market will combine all of these features along with a four port hub, meaning that one box can provide many of the functions required to setup a network.
04/02/2006
Back to the Top
Contact Us - Advertise on amset.info
Broadband Index - Home Page
Broadband - Exchange - Login Scripts - Network Admin - Outlook - Windows Mobile - Windows
© Amset IT Solutions Ltd. 1998 - 2008. All rights reserved. Reproduction of any content on this web site is prohibited without express written consent. Use of this web site is subject to our terms and conditions. All trademarks and registered trademarks are property of their respective owners. This site is not endorsed or recommended by any company or organisation mentioned on this site. This site is to provide guidance only and as such we cannot be held responsible for any consequences of following the advice given.