Firewalls
A firewall is a hardware or software device which is configured to permit,
deny, or proxy data passing between parts of a computer network that have
different levels of trust.
A firewall's function within a network is similar to that of a firewall with a fire door in building construction. The network firewall is used to prevent intrusion into the private network; the building firewall is intended to contain a structural fire and delay it from spreading to adjacent structures. A building analogy for a network firewall is a fire-resistance rated wall with a fire-resistance rated, self-closing, solid-core door, unlockable from the inside and key-lockable from the outside, between a house and its attached garage.
A firewall's basic task is to control the transfer of traffic between computer
networks of different trust levels. Typical examples are the Internet, which is
a zone with no trust, and an internal network, which is a zone of higher trust.
A zone with an intermediate trust level, situated between the Internet and a
trusted internal network, is often referred to as a "perimeter network" or
demilitarized zone (DMZ).
Without proper configuration, a firewall can often become worthless. Standard
security practices dictate a "default-deny" firewall ruleset, in which the only
network connections which are allowed are the ones that have been explicitly
allowed. Unfortunately, such a configuration requires detailed understanding of
the network applications and endpoints required for the organization's
day-to-day operation. Many businesses lack such understanding, and therefore
implement a "default-allow" ruleset, in which all traffic is allowed unless it
has been specifically blocked. This configuration makes inadvertent network
connections and system compromise much more likely.
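The difference between the two rulesets, shown as an added example that is not part of the original page: a first-match rule evaluator run over the same sample traffic under each default policy. The addresses, ports and rule lists are constructed assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network, CIDR
    dst: str               # destination network, CIDR
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port; None matches every port

    def matches(self, src, dst, proto, dport):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", proto)
                and self.dport in (None, dport))

def evaluate(rules, default, src, dst, proto, dport):
    """First matching rule wins; the default policy decides all other traffic."""
    for rule in rules:
        if rule.matches(src, dst, proto, dport):
            return rule.action
    return default

# Constructed addressing: 203.0.113.0/24 = Internet, 192.0.2.0/24 = DMZ,
# 10.0.0.0/8 = trusted internal network.
ANY = "0.0.0.0/0"
DEFAULT_DENY = [                                       # only listed flows pass
    Rule("allow", ANY, "192.0.2.10/32", "tcp", 443),   # public web server in DMZ
    Rule("allow", "10.0.0.0/8", ANY, "tcp", 443),      # internal users to HTTPS
]
DEFAULT_ALLOW = [                                      # only listed flows are blocked
    Rule("deny", ANY, "10.0.0.0/8", "tcp", 23),        # telnet to internal hosts
    Rule("deny", ANY, "10.0.0.0/8", "tcp", 445),       # SMB to internal hosts
]
FLOWS = [                                              # constructed sample traffic
    ("203.0.113.7", "192.0.2.10", "tcp", 443),         # intended: web request
    ("203.0.113.7", "10.0.5.20", "tcp", 23),           # anticipated and blocked
    ("203.0.113.7", "10.0.5.20", "tcp", 5432),         # service nobody listed
]

def compare(flows=FLOWS):
    """Return (flow, verdict under default-deny, verdict under default-allow)."""
    return [(f, evaluate(DEFAULT_DENY, "deny", *f),
             evaluate(DEFAULT_ALLOW, "allow", *f)) for f in flows]

if __name__ == "__main__":
    for flow, strict, permissive in compare():
        print(flow, "default-deny:", strict, "| default-allow:", permissive)
```

The third flow is the one that separates the policies: no rule in either list mentions it, so the default alone decides whether it reaches the internal host.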
DCE carries firewall products by the following manufacturers: