Major Technologies that Provide Security
The following are the major technology components :
Firewalls
- It is a device that selectively discriminates against information flowing into or out of organization.
- Firewalls can be implemented in both hardware and software or a combination of both.
- Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.
- All messages entering or leaving the intranet pass through the firewalls, which examines each message and blocks those that do not meet the specified security criteria.
- It is also a device or set of devices configured to permit, deny, encrypt, decrypt or proxy all computer traffic between different domain based upon a set of rules and other criteria.
- The gateway router connects the organizations system with the outside world.
- It will allow only a few types of protocols to enter.
- The types of firewalls includes : Network Level Firewalls, Circuit-Level Firewalls, Application Level Firewalls, Stateful Multi Level Firewalls.
- A Firewall can be a single device or a firewall subnet that consists of multiple firewalls creating a buffer inside and outside the network.
Demilitarized Zone
- A DMZ (demilitarized zone) is a computer host or small network inserted as a “neutral zone” between a company’s private network and the outside public network.
- It prevent outside users from getting direct access to a server that has company data.
- It is no-man’s a land between inside and outside networks where some organizations place Web Servers.
- The purpose of a DMZ is to add an additional layer of security to an organization’s local area network (LAN), an external attacker only has access to equipment in the DMZ, rather than any other part of the network.
Proxy Servers
- They intercept all messages entering and leaving the network.
- The proxy server effectively hides the true network addresses.
- They perform action on behalf of another system in the network.
- The outside client will not know whether the requested web page is from proxy system or the original system.
- They give access to the requested web page but do not allow them to directly gain access to the internal network.
- The more frequently accessed pages are stored temporarily in Cache Servers.