School Guardian - Perimeter Firewall
Perimeter Firewall
The perimeter firewall has two primary roles:
- To protect private local networks and servers from external (Internet) attack
- To control what users can do and access on the Internet
External Attack Defense:
It is an unfortunate fact that even small organizations with a low Internet profile are at risk from a myriad of Internet based threats and attacks. Criminal activity for financial gain seeks to exploit the fact that security was not designed into the Internet or most of the services that it supports - users have to ensure their own security.
SmoothWall Firewalls employ a variety of methods to block external attacks and threats, including:
- All traffic arriving from the Internet is blocked at the firewall unless (1) it is a reply to a request that originated inside the network (such as a user's web browsing session), or (2) a firewall rule has been explicitly configured to allow it.
- Stateful packet inspection tracks each connection so that only packets belonging to an established, legitimate exchange are accepted; stray or out-of-sequence packets are dropped.
- An Intrusion Detection System (IDS) inspects incoming traffic for known attack patterns, such as exploits against Microsoft and other operating systems, attacks on email servers, and viruses.
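The three ingress behaviours above can be seen working together in a small simulation. This is an added example, not SmoothWall's code: it models a default-deny firewall with a connection-tracking table, so that replies to connections opened from inside are admitted, an explicitly published DMZ service is admitted, and everything else from the Internet is dropped. The addresses, ports and the DMZ web server at 203.0.113.10 are constructed for the example.

```python
"""Stateful default-deny ingress filter, as a simulation.

Added illustration, not SmoothWall's own code: it models the three ingress
behaviours described above. Unsolicited traffic from the Internet is dropped,
replies to connections opened from inside are admitted, and traffic matching an
explicit allow rule is admitted. Addresses, ports and the DMZ host are
constructed for the example.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    ingress: str = "wan"  # interface the packet arrived on: "wan" (Internet) or "lan"


# Explicit allow rules for unsolicited inbound traffic: (proto, destination, port).
# Hypothetical DMZ web server at 203.0.113.10 publishing HTTP and HTTPS only.
INBOUND_ALLOW = {("tcp", "203.0.113.10", 80), ("tcp", "203.0.113.10", 443)}


class StatefulFilter:
    def __init__(self, allow_rules=INBOUND_ALLOW):
        self.allow_rules = set(allow_rules)
        self.conntrack = set()  # 5-tuples of connections opened from the inside

    @staticmethod
    def _flow(pkt):
        return (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)

    @staticmethod
    def _reverse(pkt):
        # The 5-tuple of the flow that this packet would be a reply to.
        return (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)

    def handle(self, pkt):
        if pkt.ingress == "lan":
            # Outbound request: remember the flow so its reply can come back.
            self.conntrack.add(self._flow(pkt))
            return "accept"
        # Inbound from the Internet. (1) Reply to a connection we opened?
        if self._reverse(pkt) in self.conntrack:
            return "accept:established"
        # (2) Explicitly allowed by a rule?
        if (pkt.proto, pkt.dst, pkt.dport) in self.allow_rules:
            return "accept:rule"
        # Otherwise: default deny.
        return "drop"


def demo():
    """Run constructed packets through the filter; returns the decision per case."""
    fw = StatefulFilter()
    ws, web, attacker, dmz = "192.0.2.20", "198.51.100.5", "198.51.100.77", "203.0.113.10"
    return {
        "browse_out": fw.handle(Packet(ws, 51234, web, 443, ingress="lan")),
        "browse_reply": fw.handle(Packet(web, 443, ws, 51234)),
        "unsolicited_rdp": fw.handle(Packet(attacker, 40000, ws, 3389)),
        "dmz_https": fw.handle(Packet(attacker, 40001, dmz, 443)),
        "dmz_ssh": fw.handle(Packet(attacker, 40002, dmz, 22)),
        # Looks like a reply from the web server, but no inside host asked for it.
        "forged_reply": fw.handle(Packet(web, 443, ws, 51235)),
    }


if __name__ == "__main__":
    for case, decision in demo().items():
        print(f"{case:16s} {decision}")
```

On a Linux-based firewall the same policy is expressed as a default drop policy on the input and forward chains with `ct state established,related accept` (nftables) or `-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT` (iptables) ahead of the explicit allow rules. Real connection tracking also validates TCP flags and sequence windows, which the 5-tuple lookup above leaves out.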
Internet Access Control:
Allowing users unrestricted Internet access is almost certain to result in considerable wasted time, illegal downloading of copyrighted music and more problems with viruses, Trojans and spyware. Research has suggested that up to 40% of business users' Internet usage is unproductive, so this is a problem that cannot be ignored. The ability to create outbound (egress) rules on your SmoothWall firewall puts you in control of which Internet services users can access.
Peer-to-peer (P2P) networks are a particular cause for concern. Not only are they likely to be used to download illegal copies of copyrighted music, but many employees have inadvertently shared confidential files with other P2P users. Unchecked, P2P traffic can consume huge amounts of bandwidth and is a major source of viruses, Trojans and spyware. Most P2P clients defeat traditional port blocking because they are port-agile: they will carry P2P traffic over almost any available TCP or UDP port, including ports that must stay open for legitimate services such as web browsing. SmoothWall's Deep Packet Inspection examines the payload of the packets passing through the firewall for P2P protocol patterns, so P2P can be blocked regardless of the port it attempts to use.
Multiple rule-sets define which Internet services and ports can or cannot be accessed by particular user groups. These rule-sets enforce security policies upon users, normally restricting access to a narrow set of Internet activities, such as only allowing a group of users to browse the web and send/receive email. Several pre-defined rule-sets are available to enforce common usage policies, and administrators can add their own rule-sets to customize the firewall's behaviour to specific requirements. Rule-sets can be applied to user groups by user identity, by IP address, by IP address range or by subnet. Internet gaming and Instant Messaging are typical examples of what can be blocked by firewall egress rules. Likewise, the De-Militarized Zone (DMZ) can be given its own rule-sets, so that servers there do not expose unnecessary services, and hence unnecessary vulnerabilities, to the Internet.
Integration with Microsoft Active Directory®, Novell eDirectory™ and other LDAP or RADIUS systems enables identity-based control, where a user's membership of security groups in the organization's authentication system determines which Internet services they are allowed to use.
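The egress side, covering the port-agile P2P point and the rule-sets applied by identity, subnet and DMZ, can be shown in one worked example. This is an added illustration, not SmoothWall's own code: the rule-set names, users, groups, subnets and the stand-in directory lookup are all constructed for the example, and a real deployment would resolve group membership from Active Directory or LDAP. The P2P signature is the BitTorrent peer-wire handshake, which starts with the length byte 0x13 followed by the string "BitTorrent protocol".

```python
"""Egress rule sets by identity or address, plus port-agnostic P2P detection.

Added illustration, not SmoothWall's own code. Rule-set names, groups, users,
subnets and the directory lookup are constructed for the example; a real
deployment would resolve group membership from Active Directory or LDAP.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Flow:
    src: str
    dport: int
    proto: str = "tcp"
    user: Optional[str] = None  # authenticated identity, if the firewall knows one
    payload: bytes = b""        # first bytes of the stream, for deep packet inspection


# Rule sets: allowed outbound (proto, port) pairs. Anything not listed is denied.
RULESETS = {
    "web-and-mail": {("tcp", 80), ("tcp", 443), ("tcp", 587), ("tcp", 993)},
    "it-staff": {("tcp", 22), ("tcp", 80), ("tcp", 443), ("tcp", 587), ("tcp", 993)},
    "dmz-servers": {("udp", 53), ("tcp", 80), ("tcp", 443)},  # DNS and updates only
}

# Stand-in for a directory lookup: user -> security group -> rule set.
DIRECTORY_GROUPS = {"alice": "IT Staff", "bob": "Students"}
GROUP_RULESET = {"IT Staff": "it-staff", "Students": "web-and-mail"}

# Fallback when there is no usable identity: rule set by source subnet.
SUBNET_RULESET = [
    (ip_network("192.0.2.0/24"), "web-and-mail"),   # user workstations
    (ip_network("203.0.113.0/24"), "dmz-servers"),  # DMZ
]

# Payload signatures matched regardless of destination port. The BitTorrent
# peer-wire handshake begins with 0x13 followed by "BitTorrent protocol".
P2P_SIGNATURES = [b"\x13BitTorrent protocol"]


def ruleset_for(flow: Flow) -> Optional[str]:
    """Identity takes precedence over source address; unmatched flows get nothing."""
    if flow.user is not None:
        group = DIRECTORY_GROUPS.get(flow.user)
        if group in GROUP_RULESET:
            return GROUP_RULESET[group]
    addr = ip_address(flow.src)
    for net, name in SUBNET_RULESET:
        if addr in net:
            return name
    return None


def egress_decision(flow: Flow) -> str:
    # Deep packet inspection first: P2P is dropped whatever port it uses,
    # even one the user's rule set would otherwise permit.
    if any(flow.payload.startswith(sig) for sig in P2P_SIGNATURES):
        return "drop:p2p"
    name = ruleset_for(flow)
    if name is None:
        return "drop:no-ruleset"
    if (flow.proto, flow.dport) in RULESETS[name]:
        return f"accept:{name}"
    return f"drop:{name}"


def demo():
    """Constructed flows; returns the decision for each case."""
    # Handshake layout: 0x13, "BitTorrent protocol", 8 reserved bytes, info_hash, peer_id.
    bt_handshake = b"\x13BitTorrent protocol" + bytes(8) + b"h" * 20 + b"p" * 20
    return {
        "alice_ssh": egress_decision(Flow("192.0.2.20", 22, user="alice")),
        "bob_ssh": egress_decision(Flow("192.0.2.21", 22, user="bob")),
        "bob_https": egress_decision(Flow("192.0.2.21", 443, user="bob")),
        "anon_https": egress_decision(Flow("192.0.2.30", 443)),
        "bob_p2p_on_443": egress_decision(Flow("192.0.2.21", 443, user="bob", payload=bt_handshake)),
        "dmz_smtp": egress_decision(Flow("203.0.113.10", 25)),
        "unknown_net": egress_decision(Flow("10.0.0.5", 80)),
    }


if __name__ == "__main__":
    for case, decision in demo().items():
        print(f"{case:16s} {decision}")
```

The order of checks matters: the payload signature is tested before the port rule, which is what lets P2P on port 443 be dropped while ordinary HTTPS from the same user passes. A plaintext signature only catches unobfuscated handshakes; clients using BitTorrent's message stream encryption do not present this pattern, so production DPI engines combine signatures with flow heuristics.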