Get this Security+ CertiGuide for your own computer.
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 3:  Infrastructure Security (Domain 3.0; 20%)
      9  3.1  Devices
           9  3.1.1  Firewalls

Previous Topic/Section
Network-Level Firewalls
Previous Page
Pages in Current Topic/Section
1
Next Page
If We Buy It, Will It Protect Us?
Next Topic/Section

Personal Firewalls

In addition to these two prominent types of enterprise firewalls, a new category of firewalls has come into existence in recent years: that of the personal firewall. Typically, a personal firewall is installed by an end user for protection of a single system or small (generally home) network that is connected to the Internet. Generally, a personal firewall is installed directly on one of the computers that need protection, rather than requiring a stand-alone piece of special-purpose hardware, or its own PC.

Personal firewall packages such Zone Alarm264, Norton Personal Firewall265 and Kerio Personal Firewall266 offer a subset of features of larger firewalls, generally being lighter on logging and management capabilities not needed by most home users, and adding a few features intended to appear to home users, like "Winroute Pro" (which does packet filtering).

Figure 28: While not a ‘simple’ as some Personal Firewalls, Kerio is quite customizable and can prevent HTML based Spam Email from ‘phoning home’. Making this more advanced personal firewall simpler to manage is the pre-defined firewall rules available from: http://www.geocities.com/yosponge/.

 


Why mention personal firewalls in a book primarily concerned with enterprise computing? If your employees are dialing in from home over the Internet, and then connecting to your machines via ssh, web applications, etc., you should care about whether their computers are vulnerable to attack from the Internet, just as you should care about whether their computers are virus-free. In late 2000, it is believed that a hacker gained access to Microsoft source code, through the machine of a Microsoft employee (possibly their home machine).267 Just as an anti-virus program would alert a user if a worm appeared on their system, some personal firewalls could alert them whenever outbound connections are made to other systems – possibly warning them of an outbound communication they weren’t aware of, which was being made by an illicit program.

How important is it for you to care about your employees’ home machines? Consider this: a large software vendor is implementing a procedure where the machines of employees remotely connecting to their network will be security-checked in some fashion before the connection is allowed to be used.


 __________________

264. http://www.zonelabs.com/store/content/home.jsp

265. http://www.symantec.com/sabu/nis/npf

266. http://www.kerio.com/us/kpf_home.html

267. http://www.vnunet.com/Analysis/1113409

Previous Topic/Section
Network-Level Firewalls
Previous Page
Pages in Current Topic/Section
1
Next Page
If We Buy It, Will It Protect Us?
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.