
An external firewall connects two networks with each other and establishes
a controlled, lasting data connection between them. In hosting, this is
typically the connection between a private network, the so-called LAN, and
the Internet in the sense of a so-called WAN.

The primary function of an external firewall (also known as network or
hardware firewall) is to monitor the data traffic passing through it
according to network rules defined in advance. These rules determine
whether certain network packets may pass the firewall or not. To put it
differently: the firewall only allows defined communication relationships,
based on particular sender and receiver addresses and services. The goal
is to protect the private network or network segment from unauthorised
access.

A firewall alone cannot identify and prevent attacks from the Internet
a priori. For this purpose, an IDS is necessary, which complements the
firewall and is installed there or directly on the monitored system.

For years, Knipp has relied solely on the firewall brand »NetScreen«,
manufactured by Juniper Networks. Different models are used according to
the customer's requirements, varying mostly in throughput, the number of
concurrent sessions and the number of rules that can be defined. All
NetScreen firewalls also contain VPN functionality. If NetScreen firewalls
are used on both ends, no special VPN clients are necessary, because the
firewalls can establish a direct, secured connection between each other.

Installation, professional administration and operation of firewall
systems require in-depth knowledge and practical experience. Therefore,
Knipp normally only offers firewall services in the form of a »managed
firewall«, which is set up and administered in close coordination with
the customer.