Network Firewall Implementation
A strong perimeter security helps to protect your network from external attacks. The main element on the perimeter security front is a network firewall. You can deploy several types of firewalls and other security options. The different types of network firewalls include the following:
-
Packet filtering: These firewalls use ACLs to inspect the data that they forward down to the IP layer. This inspection allows them to classify data based on the TCP or UDP ports, as well as the source and destination IP addresses. This filtering allows you to make forwarding decisions. Some organizations use packet filtering to allow only traffic that meets approved criteria to pass out of the firewall.
-
Stateful inspection: Also known as Stateful Packet Inspection (SPI) firewalls, these firewalls not only allow packet filtering, but it pays attention to the flow of the packets. Rather than evaluating each packet as a separate entity, it looks at the flow of the traffic and identifies packets that are replies to others. SPI can evaluate packets that are suspicious and part of an attack profile.
-
Application layer firewall: This firewall can be a specific firewall, but it tends to fall in the category of proxy and reverse proxy servers. In this case, there can be a deep packet inspection into the data to validate that it is not only allowed, but also not part of an attack on the systems that make up your network.
These firewalls tend to be specific for the application layer protocol that they are protecting. Common choices here are HTTP, FTP, and SMTP.
Cloud Computing Glossary
cloud computing
A networking solution in which everything — from computing power to computing infrastructure, applications, business processes to personal collaboration — is delivered as a service wherever and whenever you need.
Cloud Computing Glossary
cloud service
The delivery of software, infrastructure, or storage that has been packaged so it can be automated and delivered to customers in a consistent and repeatable manner.
Cloud Computing Glossary
deprovision
The release of cloud services that are no longer needed.
Cloud Computing Glossary
federating
Linking distributed resources together over the cloud.
Cloud Computing Glossary
hypervisor
An operating system that acts as a traffic cop, managing the various virtualization tasks in the cloud to ensure that they make things happen in an orderly manner.
Cloud Computing Glossary
multi-tenancy
The sharing of underlying resources by multiple companies over a cloud.
Cloud Computing Glossary
network attached store
Storage that has its own network address through which it is accessed by the network's workstation users. Acronym: NAS
Cloud Computing Glossary
service level agreement
A contract that stipulates the type of service you need from providers and what type of penalties would result from an unexpected business interruption. Acronym: SLA
Cloud Computing Glossary
solution stack
An integrated set of software that provides everything a developer needs to build an application.
Cloud Computing Glossary
storage area network
A storage systems that is flexible and scalable because it's available to multiple hosts at the same time. Acronym: SAN
Cloud Computing Glossary
vertical industry groups
Workgroups comprised of members from a particular industry such as technology and retail.
Cloud Computing Glossary
virtual memory
The portion of your hard drive that Windows uses to expand the available RAM
Cloud Computing Glossary
virtualization
Using computer resources to imitate other computer resources or whole computers to maximize performance and flexibility.
