- The Methodical Approach and the Need for a Methodology
- Firewalls, Security, and Risk Management
- How to Think About Risk Management
- Computer Security Principles
- Firewall Recommendations and Definitions
- Why Do I Need a Firewall?
- Do I Need More Than a Firewall?
- What Kinds of Firewalls Are There?
- The Myth of "Trustworthy" or "Secure" Software
- Know Your Vulnerabilities
- Creating Security Policies
- Defense in Depth
Even though this is a book specifically about firewalls, we would be remiss if we did not point out that security requires more than just deploying a firewall. A firewall will not protect your systems from many of the electronic threats they may face. Remember, a firewall is just one security tool; it's not a silver bullet! We'll discuss this in more detail in the next chapter, but suffice it to say that firewalls are over emphasized in many security plans. At the very least, plan for what you will do if your firewall fails you miserably. Create a plan to recover and build in additional layers of defense to protect your assets.
As to the purpose of this book and its goals, troubleshooting your firewall will require you to develop an approach to solve problems. In later chapters we describe the methodology we use, which also happens to be used by the U.S. Army, emergency medicine, and other high-pressure fields to quickly arrive at the root cause of a problem, to implement a solution, and to test the effectiveness of the implemented solution. You will find that this approach will not only save you time, but it also will save you the trouble of potentially making the problem worse.