Network firewalls

Author

Bellovin, Steven M. ; Cheswick, William R.

Author_Institution

AT&T Bell Labs., Murray Hill, NJ, USA

Volume

32

Issue

9

fYear

1994

Firstpage

50

Lastpage

57

Abstract

Computer security is a hard problem. Security on networked computers is much harder. Firewalls (barriers between two networks), when used properly, can provide a significant increase in computer security. The authors classify firewalls into three main categories: packet filtering, circuit gateways, and application gateways. Commonly, more than one of these is used at the same time. Their examples and discussion relate to UNIX systems and programs. The majority of multiuser machines on the Internet run some version of the UNIX operating system. Most application-level gateways are implemented in UNIX. This is not to say that other operating systems are more secure; however, there are fewer of them on the Internet, and they are less popular as targets for that reason. But the principles and philosophy apply to network gateways built on other operating systems as well. Their focus is on the TCP/IP protocol suite, especially as used on the Internet.<>

Keywords

Unix; computer networks; internetworking; network servers; protocols; security of data; Internet; TCP/IP protocol; UNIX operating system; UNIX programs; UNIX systems; application gateways; circuit gateways; computer network firewalls; computer security; network gateways; networked computer; packet filtering; Application software; Circuits; Computer networks; Computer security; Information filtering; Information filters; Internet; Operating systems; Protocols; TCPIP;

fLanguage

English

Journal_Title

Communications Magazine, IEEE

Publisher

ieee

ISSN

0163-6804

Type

jour

DOI

10.1109/35.312843

Filename

312843