

Internet Security Protection


Why do you need Internet security protection? Exposing computers to the wild Internet without any protection is like releasing a lamb into a jungle full of hungry wild animals that are ready to attack. There are many types of malware (malicious software) and attacks, such as Trojan horses, viruses, worms, and DoS attacks, that constantly threaten computers on the Internet and scan them for vulnerabilities. Knowing how wild the Internet is, you must provide secure protection for your computers and your private network.

How to protect

The main task in protecting either a single computer or a whole business / enterprise network against any type of network threat is securing the entry point with firewalls. The entry point here is the border between the private (trusted) network and the public (untrusted) network. With firewalls, you can control, authenticate, filter, and log all the traffic flowing through the network border according to the security policies you have set.

A firewall must be effectively deployed and maintained; this limits the security risk to your internal networks from hackers or intruders exploiting vulnerabilities in the TCP/IP protocol suite. All harmful traffic must be prevented from reaching the internal / trusted networks by filtering the network traffic.

Firewall diagram with two DMZ networks

Therefore, for Internet security protection, all external connections to public (untrusted) networks must go through a suitable firewall. If there is a requirement to host public resources such as web servers, they must not be placed in the internal network but in the perimeter network (DMZ). Configuring the firewall with one or multiple DMZs is a must to protect all internal resources from being exploited by public users. This way, the public resources are separated from the corporate internal resources. See more detail about the firewall DMZ requirements here.
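The DMZ rule above can be checked mechanically against a firewall rule set. The following Python sketch is an added example, not part of the original article: it flags allow rules that let untrusted sources reach the internal network and rules that are not logged. The zone addresses, the rule format and the sample rules are all constructed assumptions; each rule is checked on its own (rule ordering is not modelled), and DMZ-to-internal rules are outside this check.

```python
import ipaddress

# Constructed zone addressing (assumption, not from the article).
INTERNAL = ipaddress.IPv4Network("10.0.0.0/16")
DMZ = ipaddress.IPv4Network("192.168.50.0/24")

def _net(spec):
    """Parse a rule endpoint; "any" means every IPv4 address."""
    return ipaddress.IPv4Network("0.0.0.0/0" if spec == "any" else spec)

def may_be_untrusted(spec):
    """True if the source can include addresses outside internal and DMZ."""
    net = _net(spec)
    return not (net.subnet_of(INTERNAL) or net.subnet_of(DMZ))

def audit(rules):
    """Return (rule_number, finding) pairs for rules that break the policy."""
    findings = []
    for number, rule in enumerate(rules, start=1):
        if rule["action"] == "allow":
            # overlaps() also catches broad destinations such as 10.0.0.0/8.
            reaches_internal = _net(rule["dst"]).overlaps(INTERNAL)
            if may_be_untrusted(rule["src"]) and reaches_internal:
                findings.append((number, "untrusted-to-internal"))
        if not rule.get("log", False):
            findings.append((number, "not-logged"))
    return findings

# Constructed rule set: rule 3 publishes a server that sits on the internal
# LAN; rule 4 has a destination so broad that it covers the internal network.
SAMPLE_RULES = [
    {"src": "any", "dst": "192.168.50.10/32", "port": 443, "action": "allow", "log": True},
    {"src": "10.0.0.0/16", "dst": "any", "port": 443, "action": "allow", "log": True},
    {"src": "any", "dst": "10.0.5.20/32", "port": 80, "action": "allow", "log": True},
    {"src": "203.0.113.0/24", "dst": "10.0.0.0/8", "port": 22, "action": "allow", "log": False},
    {"src": "any", "dst": "any", "port": "any", "action": "deny", "log": True},
]

if __name__ == "__main__":
    for number, finding in audit(SAMPLE_RULES):
        print(f"rule {number}: {finding}")
```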

When deploying a firewall at the entry point of your network border, you should follow secure guidelines for using the firewall, such as:

  • A firewall must be a dedicated and hardened system
  • A firewall must support DMZ feature
  • A firewall must be well-managed and logged

For a more detailed discussion of the firewall requirements, click the link. This would be suitable for business and corporate computer networks that would like to manage Internet security protection professionally.

The other thing you should be aware of is remote connections. If you allow teleworkers to connect remotely from home or anywhere else in the world via the public network / Internet, the use of an encrypted virtual private network (VPN) with L2TP/IPSec is a must. With a VPN, you can connect securely over a public network or the Internet to a remote internal network by tunneling traffic inside secure encrypted packets. A VPN is a logical network that physically spans the public network.

For home users, there is no way you will follow the complicated secure firewall configuration used in small business and enterprise networks. A compact home wireless router such as the Linksys WRT610N or the NETGEAR WNDR 3700 RangeMax would be sufficient. See also the guidelines for selecting the best wireless routers. If you need better Internet security protection, you can consider the D-Link DSD-150 home security adapter, which can be placed between your modem and your wireless router.

Hardware solutions

For small business networks, you have a wide variety of security appliances to choose from, such as the SonicWALL TZ 210 series. The SonicWALL TZ 210 series is a security appliance series awarded a 5-star overall rating as the best-buy UTM protection under $1,000, reviewed by SC Magazine for features, ease of use, performance, documentation, support, and value for money.

For small to medium-sized business networks, or even for enterprise networks, you can also consider the Cisco ASA 5500 Series Adaptive Security Appliances. The ASA 5500 series combines the technologies of the Cisco PIX firewall, Cisco IPS 4200, and Cisco VPN 3000 concentrators.

By Ki Grinsing

