Network Design: Firewall, IDS/IPS


There are many different types of devices and mechanisms within the security environment to provide a layered approach of defense. This is so that if an attacker is able to bypass one layer, another layer stands in the way to protect the network. Two of the most popular and significant tools used to secure networks are firewalls and intrusion detection systems. The rudimentary functionality of a firewall is to screen network traffic for the purpose of preventing unauthorized access between computer networks.

In this article, we will examine the various types of firewalls and intrusion detection systems, as well as understand the architecture behind these technologies. We will touch on attack indications and the countermeasures that should be applied in order to secure the network from breach. 

This article describes the importance of intrusion detection and prevention and why they must be a part of every network security administrator’s defense plan.

What is a firewall?

A firewall is a device installed between the internal network of an organization and the rest of the network. It is designed to forward some packets and filter others. For example, a firewall may filter all incoming packets destined for a specific host or a specific server such as HTTP, or it can be used to deny access to a specific host or a service in the organization. 

The following image depicts a firewall installation in the network.

Firewalls are a set of tools that monitors the flow of traffic between networks. Placed at the network level and working closely with a router, it filters all network packets to determine whether or not to forward them towards their destinations.

Working architecture

A firewall is often installed away from the rest of the network so that no incoming requests get directly to (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Ajay Yadav. Read the original post at: