CertiGuide to Security+  9  Chapter 3:  Infrastructure Security (Domain 3.0; 20%)       9  3.1  Devices            9  3.1.1  Firewalls

Network-Level Firewalls 1 If We Buy It, Will It Protect Us?

In addition to these two prominent types of enterprise firewalls, a new category of firewalls has come into existence in recent years: that of the personal firewall. Typically, a personal firewall is installed by an end user for protection of a single system or small (generally home) network that is connected to the Internet. Generally, a personal firewall is installed directly on one of the computers that need protection, rather than requiring a stand-alone piece of special-purpose hardware, or its own PC.

Personal firewall packages such Zone Alarm²⁶⁴, Norton Personal Firewall²⁶⁵ and Kerio Personal Firewall²⁶⁶ offer a subset of features of larger firewalls, generally being lighter on logging and management capabilities not needed by most home users, and adding a few features intended to appear to home users, like "Winroute Pro" (which does packet filtering).

Why mention personal firewalls in a book primarily concerned with enterprise computing? If your employees are dialing in from home over the Internet, and then connecting to your machines via ssh, web applications, etc., you should care about whether their computers are vulnerable to attack from the Internet, just as you should care about whether their computers are virus-free. In late 2000, it is believed that a hacker gained access to Microsoft source code, through the machine of a Microsoft employee (possibly their home machine).²⁶⁷ Just as an anti-virus program would alert a user if a worm appeared on their system, some personal firewalls could alert them whenever outbound connections are made to other systems – possibly warning them of an outbound communication they weren’t aware of, which was being made by an illicit program.

How important is it for you to care about your employees’ home machines? Consider this: a large software vendor is implementing a procedure where the machines of employees remotely connecting to their network will be security-checked in some fashion before the connection is allowed to be used.

Network-Level Firewalls 1 If We Buy It, Will It Protect Us?