This is my first tutorial (about time!), and I would welcome any suggestions on improving it. As I have knocked it up pretty quickly, there may be a few modifications required.

I thought that I should write a little Tutorial on the purposes of Firewalls within a network. I am doing this because I recently discovered that there is a misconception that a Firewall's only purpose is to protect an Internet Connection. But if you work in a large organisation (and I know that some of you do, or have), the majority of your Firewalls will not be used for this purpose.

Firstly, I would like to discuss the issue of Depth of Security. On a side note, Depth of Security should be implemented with ANY security function, whether it be Firewalls, Passwords, Permissions etc.

Question. Why did the golfer wear 2 pairs of socks?
Answer. In case he gets a hole in one.

Really bad joke (don’t flame me!). This basically means that you should not rely on one security point to provide all of the security.

What if it failed?
What if there was a misconfiguration?

You're basically fux0r3d!! That is why people should try to implement Depth in their Security. Say you have a Firewall protecting your Internet connection, and on the Internet-facing side of your Firewall is a Router. What is the harm in putting Access Control Lists (ACLs) on the Router?

There is no harm.

Example. What if you have a Firewall misconfiguration (whoops, I accidentally allowed all incoming NETBIOS through my Firewall)? Hopefully these NETBIOS requests would be dropped by your Router, and you would be safe. Phew!
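To make the "whoops" scenario concrete, here is a small added example (my own illustration, not part of the original tutorial) that models two packet filters in a chain: a Router ACL on the Internet-facing side, then the Firewall behind it. Each filter uses first-match semantics with an implicit deny at the end, which is how most ACLs and firewall rulesets behave. The rulesets, addresses and packets are all constructed for the demo; the Firewall contains the accidental NETBIOS permit, and the function names (`single_layer`, `defence_in_depth`, `caught_by_router`) are mine.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple

# NetBIOS name / datagram / session service ports (the ones you do NOT want inbound).
NETBIOS_PORTS = frozenset({137, 138, 139})


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: str     # source address (constructed, documentation range)
    dst: str     # destination address (constructed, documentation range)
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str               # "permit" or "deny"
    proto: str                # "tcp", "udp" or "any"
    dports: FrozenSet[int]    # empty set means "any destination port"

    def matches(self, pkt: Packet) -> bool:
        proto_ok = self.proto == "any" or self.proto == pkt.proto
        port_ok = not self.dports or pkt.dport in self.dports
        return proto_ok and port_ok


def evaluate(ruleset: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; if nothing matches, the implicit deny applies."""
    for rule in ruleset:
        if rule.matches(pkt):
            return rule.action
    return "deny"


def traverse(hops: List[Tuple[str, List[Rule]]], pkt: Packet) -> str:
    """A packet must be permitted by EVERY hop in order (Router first, then Firewall)."""
    for name, ruleset in hops:
        if evaluate(ruleset, pkt) == "deny":
            return f"dropped at {name}"
    return "delivered"


# Constructed Router ACL: explicitly drops NetBIOS inbound, permits everything else
# (the Firewall behind it is supposed to do the fine-grained filtering).
ROUTER_ACL = [
    Rule("deny", "udp", NETBIOS_PORTS),
    Rule("deny", "tcp", NETBIOS_PORTS),
    Rule("permit", "any", frozenset()),
]

# Constructed Firewall ruleset: meant to permit only the web server, but an
# accidental pair of rules lets NetBIOS in as well (the "whoops").
FIREWALL_MISCONFIGURED = [
    Rule("permit", "tcp", frozenset({80})),
    Rule("permit", "udp", NETBIOS_PORTS),   # the mistake
    Rule("permit", "tcp", NETBIOS_PORTS),   # the mistake
]

# Constructed inbound packets from an Internet host to an internal server.
SAMPLE_PACKETS = [
    Packet("tcp", "203.0.113.5", "198.51.100.10", 80),    # legitimate web traffic
    Packet("udp", "203.0.113.5", "198.51.100.10", 137),   # NetBIOS name service
    Packet("tcp", "203.0.113.5", "198.51.100.10", 139),   # NetBIOS session service
    Packet("tcp", "203.0.113.5", "198.51.100.10", 22),    # not permitted anywhere
]


def _label(pkt: Packet) -> str:
    return f"{pkt.proto}/{pkt.dport}"


def single_layer() -> dict:
    """Firewall only: the misconfiguration lets NetBIOS straight through."""
    hops = [("Firewall", FIREWALL_MISCONFIGURED)]
    return {_label(p): traverse(hops, p) for p in SAMPLE_PACKETS}


def defence_in_depth() -> dict:
    """Router ACL in front of the same misconfigured Firewall."""
    hops = [("Router", ROUTER_ACL), ("Firewall", FIREWALL_MISCONFIGURED)]
    return {_label(p): traverse(hops, p) for p in SAMPLE_PACKETS}


def caught_by_router() -> List[str]:
    """Packets the Firewall alone would have admitted but the Router ACL stops."""
    return sorted(
        label for label in single_layer()
        if single_layer()[label] == "delivered"
        and defence_in_depth()[label] == "dropped at Router"
    )


if __name__ == "__main__":
    for label, verdict in single_layer().items():
        print(f"Firewall only      {label:8} -> {verdict}")
    for label, verdict in defence_in_depth().items():
        print(f"Router + Firewall  {label:8} -> {verdict}")
    print("Saved by the Router ACL:", caught_by_router())
```

The point of the model is the order of the hops: because the Router sits on the Internet-facing side, its ACL gets the first look at every inbound packet, so a deny there covers the Firewall's mistake while legitimate web traffic still reaches the server. Swap the Router's ACL for the single "permit any" line and `caught_by_router()` comes back empty, which is exactly the situation the Depth of Security argument is warning about.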

Now that you have read a little about Depth of Security, you may have a better understanding about why companies may use multiple Firewalls on their network. Here are some of these reasons:

1. I will start with what we are all familiar with: Firewalling an Internet Connection. Not much explanation is required here; you need to protect your network from the wild, wild west that is the Internet.

2. You may also want to protect some important servers (for example, security administration servers, or servers that contain confidential data) from people located on your Internal Network. By doing this, you can restrict access via Firewall rulesets to the people who really need access to them.

3. Large networks usually have Business to Business (B2B) relations, and a lot of this is done over a dedicated line, which is basically an entry point into your network that does not come over the Internet but through a connection your network has with a telecommunication provider. As you cannot trust these B2B connections, there is a good reason to restrict their traffic with a Firewall to only what they need to access.

4. KorpDeath is quoted as saying “Yeah like keeping the buggy software engineer's testlab the hell away from the corporate LAN”. And rightly so! What if these software engineers inadvertently flooded your network and chewed up all of the bandwidth? How pissed off would the boss be if they cannot access their favourite web page? And here we have another reason for segregating areas of your network with Firewalls.

I hope that someone out there in AO land has gained a bit of info out of this, and any feedback is welcomed.