Control Systems

• Home

• Calendar

• ICS-CERT

• ICSJWG

• Information Products

• Training

• Recommended Practices

• Assessments

• Standards & References

• Related Sites

• FAQ

Control Systems Security Program (CSSP)

• Definition
• Associated Attack Methodologies
• Documentation
• Return to Secure Architecture Design

Firewall

Definition

In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction. A firewall is also called a Border Protection Device (BPD). A firewall has the basic task of controlling traffic between different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust). The ultimate goal is to provide controlled connectivity between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle.

Proper configuration of firewalls demands skill from the administrator. It requires considerable understanding of network protocols and of computer security. Small mistakes can render a firewall worthless as a security tool.