Disarming firewall

We have focused on a particular mechanism of providing network security: firewall technology. Firewalls provide a false sense of security because they have inherent flaws that are continuously exploited by hackers. Current firewalls lack in providing adequate security against insiders. Literature suggests that these limitations arise from the deficiencies in firewall design. This paper presents a model of a firewall called disarming firewall. The model is composed of different components, each serving different purpose. The firewall protects against malicious insiders by limiting the attacking capabilities of each internal host. Knowing that obtaining knowledge of end systems is a precursor of an attack, the firewall hides the identity of OS and server software placed in DMZ from internal as well as external users. Another problem solved by the firewall is the general laziness in applying patches to the software. The auditing system of firewall actively monitors all systems in the perimeter and applies patches as soon as they are released.