Magazine article Security Management

Demistifying Firewalls

Magazine article Security Management

Demistifying Firewalls

Article excerpt

Firewalls, hardware and software tools that monitor and limit traffic between computer networks, are quickly becoming a perimeter defense method of choice for organizations hooking up to the Interact. As with many new technologies, however, confusion and misconceptions abound. In response, the National Institute of Standards and Technology (NIST) is preparing a bulletin that examines the most common firewall exposures and offers purchasing suggestions and various configuration solutions.

According to NIST firewall expert John Wack, the agency is preparing a bulletin - which may be available this month - that will discuss essential features in firewalls. "It's designed to give people [help] on what sort of firewalls they ought to be purchasing based on the sort of threats out there on the Internet and based on how much security is good enough for their application," says Wack. Although users tend to believe that once they install a firewall they're safe, he says, "the majority of sophisticated attackers are going right through firewalls."

For the bulletin, Wack interviewed members of computer incident response teams across the country to identify the most common forms of attack and the best firewall configurations to combat them. The on-line NIST document will be available on the World Wide Web at

At the same time, the National Computer Security Association (NCSA) has established a Firewall Product Developers' Consortium, which aims to educate users, develop a product testing methodology, and create product certification standards. According to Tom Kelchner, an editor with the NCSA, "The point of [the vendor consortium] is to bring together everyone who has a stake in firewalls," including vendors, consumers, security experts, and consultants. "It will let consumers know what vendors have to offer and let vendors know what consumers are looking for."

This endeavor mirrors a vendors' consortium that the NCSA established in 1991 for antivirus product developers. Through that consortium, the NCSA developed testing and certification standards for antivirus products.

One of the new consortium's first objectives is to develop standards for describing and comparing firewall products. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.