- The Methodical Approach and the Need for a Methodology
- Firewalls, Security, and Risk Management
- How to Think About Risk Management
- Computer Security Principles
- Firewall Recommendations and Definitions
- Why Do I Need a Firewall?
- Do I Need More Than a Firewall?
- What Kinds of Firewalls Are There?
- The Myth of "Trustworthy" or "Secure" Software
- Know Your Vulnerabilities
- Creating Security Policies
- Defense in Depth
Why Do I Need a Firewall?
If it's not already clear, there are many reasons, but the two really big ones are these: there are bad people in the world who want to get into your networks, and your network depends on millions of lines of buggy, imperfect software, usually filled with really big security holes that can compromise your assets and that no one seems to know about until it's too late.
If this doesn't sound like a problem for you, then you don't need a firewall. In practical terms, it's the very rare case when a firewall would not be helpful, especially with Linux, where we have access to many powerful and free, as in beer and speech, firewall tools. Given the tremendously powerful firewall tools included with Linux, it would be foolish not to use them. And because these tools are free, we strongly recommend that you not only build a network firewall, but that you also use iptables or ipchains on all your workstations, laptops, servers, devices, and anything else running Linux.
Thankfully, many Linux vendors have made the process of configuring desktop and server firewalls much easier by including firewalling tools that auto-magically configure iptables or ipchains on install, or any time you wish to change or install those firewall rules. And if your vendor doesn't include tools to do that, there are dozens of tools that make configuring a Linux firewall a snap. Some of them are available at our website, http://www.gotroot.com.
Just remember, like everything else we've discussed so far, firewalls are not a silver bullet. Just because you installed one doesn't mean you're safe. A firewall is a compartmentalization tool with holes in it. If you let someone through to your web service port, the firewall is not going to protect you from web attacks; if your browser has a flaw in it, the firewall is not going to protect you from spyware that leverages that hole to attack your computer. It takes more than a firewall to manage risk these days.
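To make the "compartmentalization tool with holes" point concrete, the following added example (not from the original text) reads a ruleset in `iptables-save` format and lists every port the INPUT chain deliberately lets through. The sample ruleset is constructed, the function names are hypothetical, and the parser assumes simple rules without `!` negation or multiport matches.

```python
import shlex

# Constructed sample in iptables-save format (not taken from the page).
SAMPLE_RULESET = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j DROP
COMMIT
"""

def filter_lines(ruleset):
    """Yield only the lines that belong to the *filter table."""
    table = None
    for line in ruleset.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()
        elif table == "filter":
            yield line.strip()

def input_policy(ruleset):
    """Return the default policy of the filter table's INPUT chain."""
    for line in filter_lines(ruleset):
        if line.startswith(":INPUT "):
            return line.split()[1]
    return None

def holes(ruleset):
    """Return (proto, dport, source) for each INPUT rule that ACCEPTs a port."""
    found = []
    for line in filter_lines(ruleset):
        if not line.startswith("-A INPUT "):
            continue
        tok = shlex.split(line)
        # Map each option to the token that follows it (simple rules only).
        opts = {tok[i]: tok[i + 1] for i in range(len(tok) - 1)
                if tok[i].startswith("-")}
        if opts.get("-j") == "ACCEPT" and "--dport" in opts:
            found.append((opts.get("-p", "all"), opts["--dport"],
                          opts.get("-s", "0.0.0.0/0")))
    return found

if __name__ == "__main__":
    print("INPUT default policy:", input_policy(SAMPLE_RULESET))
    for proto, port, src in holes(SAMPLE_RULESET):
        # Traffic to these ports passes the firewall uninspected.
        print(f"hole: {proto}/{port} from {src}")
```

Each line of output is a service whose own security the firewall does nothing for; on a live host the same functions can be given the text produced by `iptables-save`.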