Chapter 1: Introduction to Information Security


Introduction

In an age where our society relies so heavily on electronic communication, the need for information security is constantly increasing. Given the value and confidential nature of the information that exists on today's networks, CIOs are finding that an investment in security is extremely beneficial. Without security, a company can suffer from theft or alteration of data, legal ramifications, and other issues that all result in monetary losses.

In this chapter, we look at the big picture: what we mean by network security in general and Internet security in particular; why it's necessary and how we can create a comprehensive security policy to protect our networks from unauthorized access.

Network security is a hot topic and is growing into a high-profile (and often highly-paid) IT specialty area. Security-related Web sites such as Net-Security (www.net-security.org), SecurityFocus (www.securityfocus.com), and Packetstorm Security (www.packetstormsecurity.org) are tremendously popular with savvy Internet users. Esoteric security measures such as biometric identification and authentication—formerly the province of science fiction writers and perhaps a few ultrasecretive government agencies—have become almost commonplace in corporate America.

Yet with all this focus on security, many organizations implement security measures in an almost haphazard way, with no well-considered plan for making all the parts fit together. Computer security involves many aspects of safekeeping, from protection of the physical equipment to protection of the electronic bits and bytes that make up the information that resides on the network.

In the next section, we provide a brief overview of what we mean by security in general and how the concept applies to your computer network. This chapter focuses on generic computer and Internet security concepts and the way to develop a comprehensive security plan for your organization. In order to understand how firewalls are used in a network, you need to understand the basics of network security. A firewall is not a "security solution" per se; instead, it is part of your security solution.

However, a firewall is a big part of most network security solutions. A firewall is the guardian to the castle at the moat: the firewall decides what is let in and what is let out. This is done through your firewall rules, which are policy-defined. A firewall can be various devices, from a Solaris system to a separate hardware appliance. No matter what type of package a firewall comes in, its job is the same: be the guardian of your network.




The Best Damn Firewall Book Period
The Best Damn Firewall Book Period
ISBN: 1931836906
EAN: 2147483647
Year: 2003
Pages: 240

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net