Any machine, whether a personal computer or a server, opens itself to significant risk by being exposed to Internet traffic. The first line of defense against the dangers that abound on the Internet is usually a firewall: a device designed to filter the connections made and data sent and received over networks to reduce the potential for malicious attacks getting to your systems. A host based firewall is one type of this kind of device and it is designed to protect a specific machine, or host, rather than a network of multiple machines.
The bigger your organization, the more sensitive the information held on your computers and the more likely it is that someone will be actively trying to tap into your system to get at that information. This means you’ll need more security and you’ll be more likely to employ network-level firewalls, especially if the confidential information in question will need to be accessible from multiple points on a network. However, even if you employ such devices, installing a host based firewall on specific machines can bolster the overall security of a network.
To understand the role firewalls play, it’s important to understand the kind of attacks that might be directed towards a given system. It is said we live in the information age, which usually signifies the fact that information has become one of the primary commodities in our culture, so it’s easy to understand how our personal or corporate information could be valuable to someone and is therefore worth stealing. However, it’s also important to understand that the ability to disseminate information is equally valuable. There are all kinds of adware and spyware out there designed to interfere with the activities of users and, through pop-ups and other methods, direct them toward the sites and information other organization want them to see. The simple denial of information can also bring an organization to its knees and there are attacks (denial of service attacks) specifically designed make it impossible for servers or networks to properly communicate information. These are just some of the dangers that are out there, but they’ll serve to make it clear that security is an important consideration for anyone with a networked computer.
Firewalls work by denying access that is not planned, expected or typical of the kind of activities that go on a given network or system by blocking information or connection that do not conform to predefined rules. Obviously, such security measure can complicate how services that require connections to multiple machines operate, but most Internet activity for a given organization will conform to predictable patterns, which means that you can anticipate the kind of traffic you need to allow and what can safely be blocked. Illicit transmission can still slip through a firewall, but because the rules employed by a firewall are not externally known, the attacks probably won’t conform to established policies making it more likely that they will be successfully blocked.
A hardware firewall that is setup at the perimeter of a network is the easiest way to implement global rules for the kind of traffic that will be allowed to move over a network, but even with such a firewall in place an organization may want to limit the kinds of traffic that are allowable for specific machines, reducing the number of points of entry into the system to the minimum. In this case, additional host based firewalls, which are usually software programs, may be desirable. These will provide an additional level of protection against external attacks, but it can also help contain any attacks that might make it onto the network.
Related posts:
- Additional Security With A Host Based IDS Security is, of course, always a concern. It is...
- Improving Security with Host Hardening Host Hardening is exactly what it sounds like: the systematic...
- Avoiding a Server Virus As in all things, security is important. You need...
- Information Security and OpenSSH Server The basic premise of the information age is that information...
- Smart Host and Mail Transfer If you are hosting a single website or are a...
Related posts brought to you by Yet Another Related Posts Plugin.
{ 0 comments… add one now }