With the enormous growth of the Internet, companies are beginning to depend on having an online presence on the Internet. With that presence come security risks that allow outside individuals to gain access to critical information and resources.

Companies are now faced with the task of implementing security measures to protect their data and resources. These resources can be very diversified, such as Web servers, mail servers, FTP servers, databases, or any type of networked devices. Figure 9.1 displays a typical company network with access to the Internet via a leased line without a firewall in place.

As you can see in Figure 9.1, company XYZ has a direct connection to the Internet. They are also using a class C public IP address space for their network, therefore making it publicly available to anyone who wishes to access it. Without any security measures, individuals are able to access each of the devices on the network with a public IP. Private information can be compromised, and other malicious attacks such as Denial of Service (DoS) can occur. If a firewall was placed between company XYZ s network and the Internet, security measures can then be taken to filter and block unwanted traffic. Without any access control at the network perimeter, a company s security relies on proper configuration and security on each individual host and server. This can be an administrative nightmare if hundreds of devices need to be configured for this purpose.

Figure 9.1: Typical LAN with...