Your organization has purchased a new firewall, and the network administrator has asked you to help configure the firewall to meet the organization's security needs.
Identify the firewall features that will provide the necessary level of protection for your organization's network. For each question, implement one of the following firewall features:
- Static address mapping
- Packet filtering
- Stateful inspection
- Content filtering
- Time-out tolerance
For each question, identify the firewall feature or features that are required to provide the necessary level of security and explain how you would configure the feature. Answers can be found in the appendix.
- Last year your network was down for three days when an e-mail attachment virus attacked the network. The firewall that you implement must detect virus-infected attachments in e-mail messages arriving from the Internet and remove the content before it's delivered to the recipient.
- When you initially placed your Web server on the Internet, you assigned the Web server an address from the public pool of IP addresses provided by your ISP. Now that the Web server is in a DMZ, the external firewall must translate all incoming traffic from the public network address advertised on the Internet to the actual IP address used on the private network.
- The Web server was compromised last month when a hacker connected to the Web server and scanned the available ports. The hacker was able to connect to the Web server's Server service and browse shares located on the Web server. What firewall feature will limit connections only to authorized protocols?
- An application server in the extranet must send SNMP trap messages and respond to SNMP requests from an SNMP management station located on the private network. The firewall must ensure that an attacker can't impersonate the application server and access information by using the SNMP protocol. What feature will provide this protection?
- Last year several commercial Web sites were shut down by distributed denial of service (DDoS) attacks that used a SYN flooding attack. Your Web server is a key component of your e-business strategy, and your Web site's being unavailable for any length of time would be catastrophic to your income and reputation. What firewall feature can lessen the effect of DDoS attacks?
- Several computers on the private network must connect to servers on the Internet that belong to competitors in your industry. Management doesn't want these connections to provide information on the configuration of your organization's private network. What firewall feature would prevent outbound traffic from revealing your network's private network IP address scheme?