Firewalls - IT Library : ZDNet Asia

White Papers

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Usability and Security of Personal Firewalls 2007-01-19 Linkopings Universitet

Effective security of a personal firewall depends on the rule granularity and the implementation of the rule enforcement and the correctness and granularity of user decisions at the time of an alert. A misconfigured or loosely configured firewall may be more dangerous than no firewall at all because of the user's false sense of security. This paper assesses effective security of 13 personal firewalls by comparing possible granularity of rules as well as the usability of rule set-up and its influence on security. In order to evaluate usability, it has submitted each firewall to use cases that require user decisions and cause rule creation. In order to evaluate the firewalls' security, the created rules are analyzed.

Tags: Network Security, Security Tools

A Reference Model for Firewall Technology 2007-01-18 Purdue University

This paper concentrates on one particular technological aspect of providing communications security, firewall technology. Currently firewall technology is a specialized engineering solution rather than a scientifically based solution. The paper introduces a reference model that captures existing firewall technology and allows for an extension to networking technologies to which it was not applied previously. It can serve as a framework in which firewall systems can be designed and validated. The essential components of the reference model are authentication, integrity assurance, access control, audit, and their enforcement. All components are governed by a centralized security policy, and they can be deployed in a distributed fashion to achieve scaling.

Tags: Network Security, Security Tools

Personal Firewalls - Testing Robustness 2007-01-12 Edith Cowan University

Consumers require personal firewalls that are highly secure, easy to use, configurable and up-to-date with the latest signatures to detect malicious network activity. Robustness tests were performed on a selection of the ten most popular firewalls by market share. The test system used was a vanilla installation of Windows XP with SP2 and all the most recent updates and patches. Each firewall was installed with its default configuration following the didactic instructions given by the firewall. The investigation was carried out by performing an installation, penetration, performance and update test. A third party bitTorrent application was also installed mimicking a home installation of a download application.

Tags: Network Security, Security Tools

Perimeter Protection Using Juniper Firewalls 2007-01-02 NetworkPenTest

Firewalls are the first line of defense for organizations that do not own the perimeter Routers and care must be taken to configure the device to properly ward off various attacks. Even though securing the perimeter is an integral part of Information security, organizations should practice Defense-In-Depth strategy where security is provided in layers to protect the various assets.

Tags: Security Tools

Advanced Firewall Policy Auditing, Monitoring and Compliance 2006-12-17 Tufin Software Technologies

Nowadays organizations rely heavily on computer networks and Internet services. As the size and complexity of networks grow, the security requirements increase at a steady pace. New security threats and networking changes require increasing efforts by IT departments. As a result, large organizations typically maintain a staff of several security administrators working in shifts around the clock to manage the different networks, servers, applications and users. Firewall policies that include hundreds of firewall rules are common, and there are frequently hundreds and even thousands of hosts and networks defined in firewall policies. Keeping track of complex organizational networks presents an increasing challenge to security departments worldwide.

Tags: Network Security, Security Tools

The New PCI Requirement: Application Firewall Vs. Code Review 2006-12-12 Imperva

Those enterprises which handles credit card information, must meet the requirements under the new Payment Card Industry Data Security Standard version 1.1 (PCI DSS). With PCI requirement 6.6, the brand new Web application security requirement, and its company's choice - they can have their code reviewed by an external company or they can install a Web Application Firewall. This paper details PCI requirement 6.6, the issues, the products involved, and the costs associated with choosing a code review versus selecting an application firewall.

Tags: Security Management, Security Tools

NAT/Firewall Traversal: Issues and Solutions 2006-12-12 Helsinki University of Technology

Network Address Translators (NATs) and Firewalls are increasingly used in all type of networks because of various reasons. However, NATs and firewalls are limiting some kind of communications and they are known to cause problems for applications that carry IP addresses in the payload which are mainly related to multimedia communications and Voice over IP. Nowadays there are many techniques and solutions are used to allow those increasingly popular applications to work through NATs and Firewalls. Examples of such applications are NAT/Firewall NSLP, STUN, Application Level Gateways, CODO, etc. This paper takes a look on a few exscinding and proposed solutions and studies their features, advantages and shortcomes.

Tags: Security Tools

Disseminating Expertise in Social Networks 2006-12-09 IBM

Expertise Location Servers are usually isolated behind corporate firewalls because they mine sensitive documents such as e-mails. Professional networking sites expose expertise information to non-collocated social networks, but are limited to keywords input by users. This paper introduces a data structure called "Expertise Dictionary", which encapsulates automatically mined expertise keywords for transport across firewalls. The Expertise Dictionary naturally leads to unique soft-state based server-less architectures, eliminating the costs associated with hosted servers. Not having a centralized server gives experts complete control & privacy in generating expertise keywords. This system architecture can be generalized to distributing other kinds of information in social networks.

Tags: Network Security, Security Management

OPTWALL: A Hierarchical Traffic-Aware Firewall 2006-12-08 University of Pittsburgh

The overall efficiency, reliability, and availability of a firewall is crucial in enforcing and administrating security, especially when the network is under attack. The continuous growth of the Internet, coupled with the increasing sophistication of the attacks, is placing stringent demands on firewall performance. These challenges require new designs, architecture and algorithms to optimize firewalls. This paper proposes OPTWALL, an adaptive hierarchical firewall optimization framework aimed at reducing operational cost of firewalls. The main features of the proposed approach are the hierarchical design, splitting techniques, an online traffic adaptation mechanism, and a strong reactive scheme to counter malicious attacks (e.g. Denial-of-Service (DoS) attacks).

Tags: Network Security, Security Tools

Dynamic Firewalls and Service Deployment Models for Grid Environments 2006-12-05 Leibniz Universitaet Hannover

The ubiquitous deployment of firewalls at the border between external and corporate network segments has brought significant improvements in protection against malicious code and unwanted traffic. However, the traditional client-server paradigm supported by most of today's firewall does not accommodate the specific requirements of novel Grid applications. This paper presents two different approaches to partially overcome the limitations in Grid computing introduced by firewalls. The first method, based on the extension of firewall implementations, intends to enable a "dynamic" behavior of the firewall itself. The second approach aims at minimizing the interactions between Grid applications and firewalls, through the definition of a firewall-friendly, homogeneous and consistent deployment of Grid middleware across all entities participating in a Virtual Organization.

Tags: Security Tools

Jump to 1 2 3 4 5 6 7 8 [9] 10

Title	Date Added	Company
Usability and Security of Personal Firewalls	2007-01-19	Linkopings Universitet
Effective security of a personal firewall depends on the rule granularity and the implementation of the rule enforcement and the correctness and granularity of user decisions at the time of an alert. A misconfigured or loosely configured firewall may be more dangerous than no firewall at all because of the user's false sense of security. This paper assesses effective security of 13 personal firewalls by comparing possible granularity of rules as well as the usability of rule set-up and its influence on security. In order to evaluate usability, it has submitted each firewall to use cases that require user decisions and cause rule creation. In order to evaluate the firewalls' security, the created rules are analyzed. Tags: Network Security, Security Tools
A Reference Model for Firewall Technology	2007-01-18	Purdue University
This paper concentrates on one particular technological aspect of providing communications security, firewall technology. Currently firewall technology is a specialized engineering solution rather than a scientifically based solution. The paper introduces a reference model that captures existing firewall technology and allows for an extension to networking technologies to which it was not applied previously. It can serve as a framework in which firewall systems can be designed and validated. The essential components of the reference model are authentication, integrity assurance, access control, audit, and their enforcement. All components are governed by a centralized security policy, and they can be deployed in a distributed fashion to achieve scaling. Tags: Network Security, Security Tools
Personal Firewalls - Testing Robustness	2007-01-12	Edith Cowan University
Consumers require personal firewalls that are highly secure, easy to use, configurable and up-to-date with the latest signatures to detect malicious network activity. Robustness tests were performed on a selection of the ten most popular firewalls by market share. The test system used was a vanilla installation of Windows XP with SP2 and all the most recent updates and patches. Each firewall was installed with its default configuration following the didactic instructions given by the firewall. The investigation was carried out by performing an installation, penetration, performance and update test. A third party bitTorrent application was also installed mimicking a home installation of a download application. Tags: Network Security, Security Tools
Perimeter Protection Using Juniper Firewalls	2007-01-02	NetworkPenTest
Firewalls are the first line of defense for organizations that do not own the perimeter Routers and care must be taken to configure the device to properly ward off various attacks. Even though securing the perimeter is an integral part of Information security, organizations should practice Defense-In-Depth strategy where security is provided in layers to protect the various assets. Tags: Security Tools
Advanced Firewall Policy Auditing, Monitoring and Compliance	2006-12-17	Tufin Software Technologies
Nowadays organizations rely heavily on computer networks and Internet services. As the size and complexity of networks grow, the security requirements increase at a steady pace. New security threats and networking changes require increasing efforts by IT departments. As a result, large organizations typically maintain a staff of several security administrators working in shifts around the clock to manage the different networks, servers, applications and users. Firewall policies that include hundreds of firewall rules are common, and there are frequently hundreds and even thousands of hosts and networks defined in firewall policies. Keeping track of complex organizational networks presents an increasing challenge to security departments worldwide. Tags: Network Security, Security Tools
The New PCI Requirement: Application Firewall Vs. Code Review	2006-12-12	Imperva
Those enterprises which handles credit card information, must meet the requirements under the new Payment Card Industry Data Security Standard version 1.1 (PCI DSS). With PCI requirement 6.6, the brand new Web application security requirement, and its company's choice - they can have their code reviewed by an external company or they can install a Web Application Firewall. This paper details PCI requirement 6.6, the issues, the products involved, and the costs associated with choosing a code review versus selecting an application firewall. Tags: Security Management, Security Tools
NAT/Firewall Traversal: Issues and Solutions	2006-12-12	Helsinki University of Technology
Network Address Translators (NATs) and Firewalls are increasingly used in all type of networks because of various reasons. However, NATs and firewalls are limiting some kind of communications and they are known to cause problems for applications that carry IP addresses in the payload which are mainly related to multimedia communications and Voice over IP. Nowadays there are many techniques and solutions are used to allow those increasingly popular applications to work through NATs and Firewalls. Examples of such applications are NAT/Firewall NSLP, STUN, Application Level Gateways, CODO, etc. This paper takes a look on a few exscinding and proposed solutions and studies their features, advantages and shortcomes. Tags: Security Tools
Disseminating Expertise in Social Networks	2006-12-09	IBM
Expertise Location Servers are usually isolated behind corporate firewalls because they mine sensitive documents such as e-mails. Professional networking sites expose expertise information to non-collocated social networks, but are limited to keywords input by users. This paper introduces a data structure called "Expertise Dictionary", which encapsulates automatically mined expertise keywords for transport across firewalls. The Expertise Dictionary naturally leads to unique soft-state based server-less architectures, eliminating the costs associated with hosted servers. Not having a centralized server gives experts complete control & privacy in generating expertise keywords. This system architecture can be generalized to distributing other kinds of information in social networks. Tags: Network Security, Security Management
OPTWALL: A Hierarchical Traffic-Aware Firewall	2006-12-08	University of Pittsburgh
The overall efficiency, reliability, and availability of a firewall is crucial in enforcing and administrating security, especially when the network is under attack. The continuous growth of the Internet, coupled with the increasing sophistication of the attacks, is placing stringent demands on firewall performance. These challenges require new designs, architecture and algorithms to optimize firewalls. This paper proposes OPTWALL, an adaptive hierarchical firewall optimization framework aimed at reducing operational cost of firewalls. The main features of the proposed approach are the hierarchical design, splitting techniques, an online traffic adaptation mechanism, and a strong reactive scheme to counter malicious attacks (e.g. Denial-of-Service (DoS) attacks). Tags: Network Security, Security Tools
Dynamic Firewalls and Service Deployment Models for Grid Environments	2006-12-05	Leibniz Universitaet Hannover
The ubiquitous deployment of firewalls at the border between external and corporate network segments has brought significant improvements in protection against malicious code and unwanted traffic. However, the traditional client-server paradigm supported by most of today's firewall does not accommodate the specific requirements of novel Grid applications. This paper presents two different approaches to partially overcome the limitations in Grid computing introduced by firewalls. The first method, based on the extension of firewall implementations, intends to enable a "dynamic" behavior of the firewall itself. The second approach aims at minimizing the interactions between Grid applications and firewalls, through the definition of a firewall-friendly, homogeneous and consistent deployment of Grid middleware across all entities participating in a Virtual Organization. Tags: Security Tools

Security

Featured Whitepapers

Member Login

Webcast: Maximizing Data Protection with Disk-Based Backup

HP Simply StorageWorks D2D Backup System

Industry Watch: Healthcare