Information security of the network using firewalls and proxy servers

Information protection of the network from external intrusions is carried out using firewalls and proxy servers.

The original meaning of the firewall ( the firewall ) - is a wall in a building made of fire-resistant and non-flammable materials, which should prevent the spread of fire. In a computer network, a firewall is a computer with a software system that is placed at the edge of the corporate network and which only allows packets that are authorized in a certain way.

More often than not, firewalls protect the internal corporate network from unauthorized access from the external network. However, they can be used to filter outgoing information, restricting the access of internal network users to the outside.

Firewalls use different filtering algorithms, they have different degrees of protection and cost. For classification purposes, firewalls are described using seven layers of the Open Systems Interconnection (OSI) Reference Model.

A distinction is made between: firewalls network security

• packet filtering firewalls operating at the link and network levels;

• gateways at the session level - such services operate at the session recognition level;

• Application Level Gateways; filter information according to software applications);

• Expert-grade firewalls function as all lower-level firewalls

Typically, the higher the level of operation of the firewall, the more protection it provides and the higher the cost.

Packet filtering firewalls work in conjunction with a hardware or software router. They analyze the packet headers and, based on the information they have and their rule table, make a decision on whether the packet should be passed or rejected.

Packet filtering firewalls are relatively cheap and introduce little delay in message transmission. Packet filtering is often integrated into routers. At the same time, the level of protection in such firewalls is insignificant - a qualified attacker can spoof the address part of an IP packet.

Ideally, the firewall should be transparent (invisible) to network clients. This means that it does not cause a significant delay in the transmission of information, does not require clients to register with the firewall, separate from the user's registration in the network OS. In practice, the requirement for firewall transparency is violated in one way or another.

Sometimes firewall functions in complex systems are split between the actual firewalls and proxy servers. What is the difference between these servers? A firewall has traditionally protected the network from outside interference. It filters the frames of the link layer, recognizes the session that an external user opens. The proxy server controls and restrains the internal user from going outside, and is often its representative. The functions of an intermediary server are as follows:

• hide the addresses of internal stations, serving the entire network outside as one computer with the server address;

• store popular web pages, files, so that users are not forced to access the external network when they request it again. The server updates popular information automatically at a certain frequency.

It should also be noted that there is a need to physically restrict access to servers and data stores in an organization. Even with a developed system of information protection at the software level, information carriers can be either physically damaged or simply stolen for further decryption and use for personal gain.