Title :
Network firewalls
Author :
Bellovin, Steven M. ; Cheswick, William R.
Author_Institution :
AT&T Bell Labs., Murray Hill, NJ, USA
Abstract :
Computer security is a hard problem. Security on networked computers is much harder. Firewalls (barriers between two networks), when used properly, can provide a significant increase in computer security. The authors classify firewalls into three main categories: packet filtering, circuit gateways, and application gateways. Commonly, more than one of these is used at the same time. Their examples and discussion relate to UNIX systems and programs. The majority of multiuser machines on the Internet run some version of the UNIX operating system. Most application-level gateways are implemented in UNIX. This is not to say that other operating systems are more secure; however, there are fewer of them on the Internet, and they are less popular as targets for that reason. But the principles and philosophy apply to network gateways built on other operating systems as well. Their focus is on the TCP/IP protocol suite, especially as used on the Internet.<>
Keywords :
Unix; computer networks; internetworking; network servers; protocols; security of data; Internet; TCP/IP protocol; UNIX operating system; UNIX programs; UNIX systems; application gateways; circuit gateways; computer network firewalls; computer security; network gateways; networked computer; packet filtering; Application software; Circuits; Computer networks; Computer security; Information filtering; Information filters; Internet; Operating systems; Protocols; TCPIP;
Journal_Title :
Communications Magazine, IEEE
