COLLEGE OF TECHNOLOGY
SEC 6040
Week 5 – Reading Summary
Please summarize what you read for Week
and what you found interesting and why.
Please provide NO MORE THAN 1 page for this submission. Please explain
why the case study was relevant to the chapter readings. (If Applicable).
Chapter 9: Firewalls
A firewall is hardware or software configured to
block unauthorized network access. Software firewalls come as freeware,
shareware, and commercial enterprise applications. Hardware firewall
appliances are more expensive but can handle more traffic. Stateless firewalls
filter traffic based on protocol or IP address but are less secure than
stateful firewalls. Firewalls are effective only if they are configured correctly
to block undesirable traffic and allow necessary traffic. The firewall rule base
should be based on the organization’s security policy, provide rules for how
applications can access the Internet, and be as simple and short as possible.
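The difference between stateless and stateful filtering described above can be shown with a small model. This is an added example, not part of the original submission or the textbook; the packet fields, addresses, ports and the HTTPS-only policy are constructed assumptions, and real firewalls also track TCP flags and timeouts.

```python
from collections import namedtuple

# Constructed packet model: all addresses and ports are sample values.
Packet = namedtuple("Packet", "src sport dst dport direction")

INTERNAL = "10.0.0.5"

def stateless_allow(pkt):
    """Decide from this packet's header fields alone, with no memory."""
    if pkt.direction == "out":
        return pkt.dport == 443          # clients may browse HTTPS
    # Return traffic has to be admitted by a static rule on the source port.
    return pkt.sport == 443

class StatefulFilter:
    """Admit inbound packets only as replies to a tracked outbound flow."""

    def __init__(self):
        self.flows = set()               # (src, sport, dst, dport) of requests

    def allow(self, pkt):
        if pkt.direction == "out":
            if pkt.dport != 443:
                return False
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: the reversed tuple must match a recorded outbound flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

def evaluate(packets):
    """Return [(stateless_verdict, stateful_verdict), ...] for a trace."""
    fw = StatefulFilter()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]

# Constructed trace: a request, its genuine reply, and an unsolicited packet
# that only looks like reply traffic because of its source port.
TRACE = [
    Packet(INTERNAL, 50000, "203.0.113.10", 443, "out"),
    Packet("203.0.113.10", 443, INTERNAL, 50000, "in"),
    Packet("198.51.100.7", 443, INTERNAL, 3389, "in"),
]

if __name__ == "__main__":
    for pkt, (sl, sf) in zip(TRACE, evaluate(TRACE)):
        print(pkt, "stateless:", sl, "stateful:", sf)
```

Both filters pass the request and its reply; only the stateful filter drops the third packet, because no outbound flow matches it.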
Chapter 10: Firewall Design and Management
In this chapter, I read about the design of common
firewall configurations. Firewall design includes planning the location for
firewall placement. Similarly, I read more details on a proxy server, which caches
Web pages to speed up network performance, and on planning the configuration of a
bastion host and a honeypot. Bastion hosts are computers that are accessible
to untrusted clients, such as Web servers, e-mail servers, and proxy servers. Additionally,
I read about the configuration of network address translation (NAT) and how to
perform the basic configuration of a Cisco ASA firewall. NAT is used to protect internal clients from
direct access by untrusted, external hosts and decreases the need for public IP
addresses. Many of the same commands used to configure Cisco routers and
switches are also applicable on Cisco firewalls.
Chapter 11: VPN Concepts
In this chapter, I learned about the basic concepts of
VPNs. I got the chance to read more details about encapsulation, encryption, and
authentication in VPNs. A VPN uses encryption, encapsulation, and
authentication to permit secure communications to travel over an unsecure
medium. Furthermore, I learned about the considerations for planning VPN
deployments and the different options for VPN configurations. VPNs are created
by hardware or software components at each end of the connection. Analysis of
business needs is an important first step in deploying VPNs. Similarly, I read about
different ways to adjust packet-filtering rules for VPNs and the ways to review
VPN policies and procedures. Packet-filtering rule sets must be configured to
allow VPN traffic, except when a VPN endpoint is placed parallel to a firewall.
VPNs must be managed in accordance with security policies.
I was completely unfamiliar with firewalls, although I had
heard of them many times, so I came to understand them clearly while reading these
chapters. The case study is relevant because firewalls and VPNs are
interconnected. In my opinion, these chapters give the gist of the knowledge from the
three chapters.