Thursday, September 16, 2010

How To Protect Your Firewall

In the physical world, businesses rely on several layers of security. First, they rely on their country’s government and military forces to keep order. Then, they trust their local police to patrol the streets and respond to any crimes that occur. They further supplement these public security mechanisms by using locks on doors and windows, employee badges, and security systems. If all these defenses fail and a business is a victim of a crime, the business’s insurance agency absorbs part of the impact by compensating the business for a portion of the loss.
Unfortunately, the state of networking today lacks these multiple levels of protection. Federal and local governments do what they can to slow network crime, but they’re far from 100 percent effective. Beyond prevention, law enforcement generally only responds to the most serious network intrusions. The average Internet-connected home or business is attacked dozens of times per day, and no police force is equipped to handle that volume of complaints. Losses from computer crime are hard to quantify and predict, and as a result most business insurance policies do little to compensate for the losses that result from a successful attack.
The one aspect of physical security, however, that isn’t missing from network security is the equivalent of door locks, employee badges, and security systems: firewalls. Just as you lock your car and home, you need to protect your computers and networks. Firewalls are these locks, and just like in the physical world, they come in different shapes and sizes to suit different needs. The famous Jargon Dictionary has a great definition for firewall: “a dedicated gateway machine with special security precautions on it, used to service outside network connections and dial-in lines.” Firewalls serve two useful purposes: they filter what traffic comes into your network from the outside world, and they control what the computers on your network may send out to it.
It’s important to understand one thing, however. No firewall—whether a small, free host-based firewall or a multi-thousand-dollar enterprise firewall array—will make your computers impervious to attack. Firewalls, like locks and walls and moats and dragons, create barriers to attack—they get in the way of someone trying to take control. By making it difficult for attackers to get into your computer and forcing them to invest lots of time, you become a less attractive target. Firewalls very effectively block most bad guys from compromising an individual computer. But it’s impossible to fully prevent every intrusion: all software has bugs, and someone might find an obscure bug in your firewall that allows them to pass through. In a nutshell, there’s no such thing as absolute security. How much you invest in firewalls should be a function of how much you have to lose if an attack is successful.
