The lowdown on firewalls

Related Links

Internal security

What are they? Firewalls are network devices or a combination of hardware and software that control the flow of network traffic. They stop intruders and malevolent code, while allowing authorized users and applications to send data unmolested.

What's a virtual private network? A VPN is an encrypted network connection between two firewalls or a firewall and a client computer that provides a secure tunnel for network data to be passed back and forth. VPNs reduce the need for leased lines and dedicated dial-up numbers'and, as a result, reduce network operation costs. They also make e-government applications such as cross-agency collaborations and Web services easier to implement and more secure.

What is Network Address Translation? NAT is a technology within most firewalls that hides the network addresses of computers and other devices from the Internet'or the other networks on the other side of the firewall'behind a single IP address. It then routes specific types of network traffic to the appropriate servers connected to it. So, a response to a Web server request coming into a NAT firewall would appear to come from the address of the firewall, not the Web server.

What should you look for in a firewall? Three things: flexible security, support for VPNs and easy manageability.

Look for firewalls that can change how they screen network traffic based on new types of attacks and other threats, and integrate tightly with other security software such as intrusion detection systems, spam filters and virus checkers.

A firewall should also be able to support secure connections to the network from mobile users and remote offices. Make sure the firewall supports your network's chosen directory service and whatever public-key infrastructure you have in place for encryption and user authentication.

If you're managing a large network, look for firewalls that can be centrally managed with a single security policy or set of policies that can be sent out to and interpreted by all the firewalls in your network. Otherwise, just tweaking your firewall settings across the agency network may become a lifetime pursuit.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected