Lesson 6 was devoted entirely to virus and antivirus issues. I tried to be as comprehensive as possible, but you can only squeeze so much information into one article. For more detailed information on all aspects of antivirus, I recommend that you visit About.com's Antivirus Software Site.
This lesson will focus on perimeter defense systems, primarily firewalls. We will cover some of the basic firewall techniques and technologies. We will also discuss Intrusion Detection Systems (IDS) and Honeypots. As with Lesson 6, these are all very broad topics and I can’t begin to fit every detail about them into one article; they could be a whole series in and of themselves. Check out the links to the right of this article for more information on these topics.
The original definition of a firewall according to the Merriam-Webster dictionary is “a wall constructed to prevent the spread of fire.” In a physical sense this includes designing buildings so that the walls, floors and ceilings are able to contain or at least slow down the spread of fire.
In a network or computer security sense the model is flipped around somewhat. Rather than a system designed to contain the damage or keep it centralized to a single room (or your network in this case), the purpose of a firewall is to construct a perimeter wall to keep all of the damage out of your room (or network).
A well-designed and configured firewall is like having a single point of entry into your building with a security guard at the door allowing only authorized personnel into the building. The firewall will block or allow traffic into your network or computer based on the rules you give it.
Obviously, if you have a twenty-foot-high brick wall with barbed wire on the top and armed guards monitoring the gate, but there are holes in the wall and tunnels under the wall, you won’t be very secure. The simplest way to ensure your firewall is secure is to block everything by default and only authorize the traffic you want to allow in.
There are various techniques or ways of accomplishing this goal. Each has its pros and cons. One may be superior at effectively blocking traffic, but at the expense of impacting the speed and performance of the network or the system it is running on.
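The block-everything-by-default advice above, as an added example that is not part of the original article: a small first-match rule evaluator that runs the same inbound packets through a default-allow blocklist and a default-deny allowlist. The rules, ports and addresses (documentation ranges) are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst_port: int

@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    src_net: str = "0.0.0.0/0"      # source network the rule applies to
    dst_port: Optional[int] = None  # None matches any destination port

    def matches(self, pkt):
        return (ip_address(pkt.src) in ip_network(self.src_net)
                and self.dst_port in (None, pkt.dst_port))

def decide(rules, default, pkt):
    """First matching rule wins; if nothing matches, the default policy applies."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default

# Constructed rule sets. Blocklist: default allow, deny only the ports someone thought of.
BLOCKLIST = [Rule("deny", dst_port=23), Rule("deny", dst_port=445)]
# Allowlist: default deny, allow only the traffic the network needs.
ALLOWLIST = [
    Rule("allow", dst_port=443),                            # public web server
    Rule("allow", src_net="198.51.100.0/24", dst_port=22),  # SSH from the admin range only
]

# Constructed inbound packets.
PACKETS = [
    Packet("203.0.113.7", 443),    # web client
    Packet("198.51.100.10", 22),   # admin host
    Packet("203.0.113.7", 22),     # SSH from outside the admin range
    Packet("203.0.113.7", 3389),   # a service nobody wrote a rule for
    Packet("203.0.113.7", 23),     # telnet
]

def compare():
    # Map (src, port) to (blocklist verdict, allowlist verdict).
    return {(p.src, p.dst_port): (decide(BLOCKLIST, "allow", p),
                                  decide(ALLOWLIST, "deny", p)) for p in PACKETS}

if __name__ == "__main__":
    print(*compare().items(), sep="\n")
```

The packets to ports 22 and 3389 from the outside address are the "holes in the wall": the blocklist passes them because no rule mentions them, while the allowlist drops them without needing a rule at all.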