1] Understanding Firewalls
Architecturally speaking, a firewall is a fireproof wall that segments a building into
two physically distinct halves, thus preventing a fire that started in one half of
the building from spreading to the other half of the building.
Similarly, in Information Technology terms, a firewall is a device that divides a
network into two distinct halves, one being your private network and the other being
But there the analogy ends, as we want to be able to use the Internet but we don't want
the Internet to (ab)use us.
2] How To Build a Firewall, or, How Our Business Braved the Internet and Survived.
As we would like to be able to talk to the Internet, but not have the Internet able to
reach us, one of the two major functions of a firewall is to act like an unlisted phone
number. We can call IBM and ask for information, but IBM can't look us up and call us.
The other major function of a firewall is to act like call blocking, where certain
phone numbers cannot call us (actually, we don't want anyone calling us!).
On the Internet, the equivalent of an unlisted phone number is a non-routable IP
address. Every single machine behind our firewall will have one of these "unlisted" IP
addresses, and that makes it hard for someone to even find us in the first place.
On top of that, our firewall will also block every single person on the Internet from
talking to our network. This function is called IP filtering, and just like a phone
call, we know whether we or someone else on the Internet originated the call. If we
originated the call out to the Internet, the call goes through, but if someone on the
Internet originated the call, our firewall just hangs up.
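
The two functions described above can be modelled in a few lines. This is an added example, not COMSEC's code: it assumes the "unlisted" addresses are the RFC 1918 private ranges, leaves out address translation, and uses a hypothetical CallFilter class with constructed sample packets.

```python
import ipaddress

# RFC 1918 private ranges: the "unlisted numbers" that are not routed on the Internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_unlisted(addr):
    """True if addr is a non-routable (RFC 1918) address."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class CallFilter:
    """Hypothetical toy model of the originate-only rule; default is DROP."""

    def __init__(self):
        # Calls we placed: (inside_ip, inside_port, outside_ip, outside_port)
        self.calls = set()

    def handle(self, src, sport, dst, dport):
        if is_unlisted(src) and not is_unlisted(dst):
            # We originated the call: remember it and let it through.
            self.calls.add((src, sport, dst, dport))
            return "ALLOW"
        if is_unlisted(dst) and not is_unlisted(src):
            # Someone outside is talking to us: allow only the answer
            # to a call we placed, matched on both addresses and ports.
            if (dst, dport, src, sport) in self.calls:
                return "ALLOW"
        return "DROP"  # the firewall just hangs up

def demo():
    """Run constructed sample packets (documentation-range outside hosts)."""
    fw = CallFilter()
    packets = [
        ("192.168.1.10", 40000, "203.0.113.5", 80),   # we call out
        ("203.0.113.5", 80, "192.168.1.10", 40000),   # the answer comes back
        ("198.51.100.7", 80, "192.168.1.10", 40000),  # stranger calls in
        ("203.0.113.5", 80, "192.168.1.10", 40001),   # same host, new call in
    ]
    return [fw.handle(*p) for p in packets]

if __name__ == "__main__":
    print(demo())
```

The last sample packet shows why the match covers ports as well as addresses: a host we have called is still hung up on when it tries to start a call of its own.
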
3] Why COMSEC is the Right Choice for your Enterprise, or The Gory Financial Details.
Your enterprise can purchase the best firewall money can buy and still have its
security compromised simply because the firewall administrator made a human error
configuring the firewall. Unfortunately, misconfigured firewalls have been the
originating cause of many of the well-known "hacks" such as the CIA home page incident,
where it was replaced by a crude picture of the President and First Lady. Our solution
is to maintain the firewall for you, instead of selling you the box and wishing you