In addition to these two prominent types of enterprise firewalls, a new category of firewalls has come into existence in recent years: that of the personal firewall. Typically, a personal firewall is installed by an end user for protection of a single system or small (generally home) network that is connected to the Internet. Generally, a personal firewall is installed directly on one of the computers that need protection, rather than requiring a stand-alone piece of special-purpose hardware, or its own PC.
Personal firewall packages such Zone Alarm264, Norton Personal Firewall265 and Kerio Personal Firewall266 offer a subset of features of larger firewalls, generally being lighter on logging and management capabilities not needed by most home users, and adding a few features intended to appear to home users, like "Winroute Pro" (which does packet filtering).
Why mention personal firewalls in a book primarily concerned with enterprise computing? If your employees are dialing in from home over the Internet, and then connecting to your machines via ssh, web applications, etc., you should care about whether their computers are vulnerable to attack from the Internet, just as you should care about whether their computers are virus-free. In late 2000, it is believed that a hacker gained access to Microsoft source code, through the machine of a Microsoft employee (possibly their home machine).267 Just as an anti-virus program would alert a user if a worm appeared on their system, some personal firewalls could alert them whenever outbound connections are made to other systems possibly warning them of an outbound communication they werent aware of, which was being made by an illicit program.
How important is it for you to care about your employees home machines? Consider this: a large software vendor is implementing a procedure where the machines of employees remotely connecting to their network will be security-checked in some fashion before the connection is allowed to be used.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.