
Other Things Firewalls Can Do

Anti-Spoofing - Detecting when the source of the network traffic is being "spoofed", i.e., when an individual attempting to access a blocked service alters the source address in the message so that the traffic is allowed.
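One common way a firewall detects this is by checking that a packet's source address is consistent with the interface it arrived on: a packet arriving from the outside that claims an inside address cannot be genuine. The check below is an added illustration, not code from the original page; the interface names, prefixes and sample packets are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass

# Constructed example topology: the prefix legitimately attached to each
# firewall interface. "outside" is the untrusted side and claims no prefix.
INTERFACE_NETWORKS = {
    "inside": [ipaddress.ip_network("10.0.0.0/8")],
    "dmz": [ipaddress.ip_network("192.168.100.0/24")],
    "outside": [],
}
INTERNAL_NETWORKS = [n for nets in INTERFACE_NETWORKS.values() for n in nets]


@dataclass
class Packet:
    iface: str  # interface the packet arrived on
    src: str    # source address carried in the IP header
    dst: str    # destination address


def is_spoofed(pkt: Packet) -> bool:
    """True when pkt.src could not legitimately have arrived on pkt.iface."""
    src = ipaddress.ip_address(pkt.src)
    if src.is_loopback or src.is_unspecified:
        return True  # never a valid source on the wire
    attached = INTERFACE_NETWORKS[pkt.iface]
    if attached:
        # Trusted interface: the source must sit in that interface's own prefix.
        return not any(src in net for net in attached)
    # Untrusted interface: a source claiming any internal prefix is forged.
    return any(src in net for net in INTERNAL_NETWORKS)


def filter_packets(packets):
    """Split packets into (accepted, dropped) lists by the anti-spoofing check."""
    accepted = [p for p in packets if not is_spoofed(p)]
    dropped = [p for p in packets if is_spoofed(p)]
    return accepted, dropped


if __name__ == "__main__":
    # Constructed sample traffic; the first and third packets are forged.
    sample = [
        Packet("outside", "10.1.2.3", "10.0.0.5"),           # claims an inside address
        Packet("inside", "10.1.2.3", "203.0.113.7"),         # genuine inside host
        Packet("inside", "198.51.100.9", "10.0.0.5"),        # wrong interface for this source
        Packet("outside", "203.0.113.7", "192.168.100.10"),  # normal inbound traffic
    ]
    ok, bad = filter_packets(sample)
    print(f"accepted={len(ok)} dropped={len(bad)}")  # accepted=2 dropped=2
```

The same per-interface test applies unchanged to IPv6 prefixes, since the `ipaddress` containment check already refuses to match an address against a network of the other IP version.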

Authentication - Firewall rules can be set up so that a communication session between a computer initiating the session and a specific target device over a specific port only proceeds if the user successfully logs into the firewall first. Typically, firewalls support multiple authentication methods, including locally stored passwords, directory-based passwords, secure tokens, etc.

Network Address Translation (NAT) - Changing the network addresses of devices on any side of the firewall to hide their true addresses from devices on other sides. There are two ways NAT is performed:

  • One-to-One - where each true address is translated to a unique translated address.
  • Many-to-One - where all true addresses are translated to a single address, usually that of the firewall.

Virtual Private Networks - VPNs are communications sessions traversing public networks that have been made virtually private through the use of encryption technology. VPN sessions are defined by creating a firewall rule that requires encryption for any session that meets specific criteria, i.e., the communications session is initiated by one of the computers listed as a "source", is destined for one of the computers listed as a "destination", and the requested connection is to one of the destination ports specified. Note - The session is only encrypted between the initiating computer and the firewall. The session is not encrypted between the firewall and the target system.

In order to establish a VPN, the firewall and the client device must be prepared to use the same encryption technology (e.g., proprietary or standards-based). Typically, firewall-based encryption requires user authentication before the session may proceed.