Shields Up: Firewalls and Other Network Perimeter Defenses
In today’s ubiquitous computing environment, the most frequently used entrance into (and exit out of!) any system is its network connection. That’s why network firewalls have been a central component of every network security architecture since their introduction in the 1980s. A firewall’s primary responsibility is to stop the spread of malware, help prevent cyberattacks and unauthorized data exfiltration, or keep other problems in one network or network segment from affecting others. Thus, firewalls serve to compartmentalize one area of a computer network from another. And while they are most commonly thought of as being at network boundaries like your home or office router, just about every computer has a firewall these days, including your personal laptop.
Modern firewalls can also do a lot more than their first- or second-generation ancestors, which simply blocked certain ports or kept track of ongoing conversations between two endpoints. By building on so-called Deep Packet Inspection (DPI) technology, firewalls can analyze the traffic passing through them in real time, making decisions about what to allow or block based on myriad factors. On more heavily policed or otherwise protected networks, firewalls have evolved into very powerful Network Intrusion Detection or Prevention Systems (NIDS/NIPS).
But don’t make the mistake of thinking this power is reserved for rich corporations! The firewall built into the Linux kernel (called Netfilter and controlled with the nft commands) is the backbone of almost all commercial enterprise firewall distributions, and it’s available free of charge. Plus, its ability to intercept and modify traffic in-flight is the basis of many proxy technologies such as Docker’s networking and Kubernetes’s kube-proxy, among others.
So, are your network shields up? Find out at this workshop, where we’ll show you how to use the firewall built into your Windows, macOS, or GNU/Linux laptop. We’ll also show you how to set up firewalled subnets using NAT routers, a bulletproof way to keep unsecured Internet of Things (IoT) or smart-home devices from infecting your more critical personal devices, or to make a super-secure guest Wi-Fi network available for visitors. You’ll leave understanding the utility of so-called Layer 7 firewalls such as Web Application Firewalls (WAFs), and knowing how to test the security of your own firewall configurations.
Upcoming “Shields Up: Firewalls and Other Network Perimeter Defenses” Events
Subscribe to our calendar.
- June 21, 2020 at 4:30 pm (-0400)