A number of the security problems with the Internet discussed in Chapter 1 can be remedied or made less serious through the use of existing and well-known techniques and controls for host security. A firewall can significantly improve the level of site security while at the same time permitting access to vital Internet services. This chapter provides an overview of firewalls, including how they protect against the vulnerabilities described in Chapter 1, what firewalls don't protect against, and the components that make up a firewall. This chapter gives special emphasis to the use of advanced authentication and the importance of policy for determining how a firewall will implement a protection scheme.
Figure: Router and Application Gateway Firewall Example.