The lowdown on firewalls

Related Links

Internal security

What are they? Firewalls are network devices or a combination of hardware and software that control the flow of network traffic. They stop intruders and malevolent code, while allowing authorized users and applications to send data unmolested.

What's a virtual private network? A VPN is an encrypted network connection between two firewalls or a firewall and a client computer that provides a secure tunnel for network data to be passed back and forth. VPNs reduce the need for leased lines and dedicated dial-up numbers'and, as a result, reduce network operation costs. They also make e-government applications such as cross-agency collaborations and Web services easier to implement and more secure.

What is Network Address Translation? NAT is a technology within most firewalls that hides the network addresses of computers and other devices from the Internet'or the other networks on the other side of the firewall'behind a single IP address. It then routes specific types of network traffic to the appropriate servers connected to it. So, a response to a Web server request coming into a NAT firewall would appear to come from the address of the firewall, not the Web server.

What should you look for in a firewall? Three things: flexible security, support for VPNs and easy manageability.

Look for firewalls that can change how they screen network traffic based on new types of attacks and other threats, and integrate tightly with other security software such as intrusion detection systems, spam filters and virus checkers.

A firewall should also be able to support secure connections to the network from mobile users and remote offices. Make sure the firewall supports your network's chosen directory service and whatever public-key infrastructure you have in place for encryption and user authentication.

If you're managing a large network, look for firewalls that can be centrally managed with a single security policy or set of policies that can be sent out to and interpreted by all the firewalls in your network. Otherwise, just tweaking your firewall settings across the agency network may become a lifetime pursuit.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.