Page 1 of 14

ITNE455-1204A-01 U3GP3

Continues for 13 more pages »
Read full document

ITNE455-1204A-01 U3GP3

  • By
  • November 2013
  • 5030 Words
  • 1 View
Page 1 of 14
Abstract
Security is embraced by the executive management staff at MJD Electronics. An important task for the Chief Security and Compliance Officer for MJD Electronics is to outline a plan that makes considerations for many of the important aspects of valid security architecture. This discussion presents more detailed information on many topics that should be included in a solid security architecture including border routers, demilitarized zones, proxy firewalls, access control lists and filters, fail-safe equipment, and more. Architecture Considerations for Perimeter Security

State-Based Filtering –
Most firewalls today utilize state-based filtering. This filtering is a mechanism in modern firewall technology that maintains a list of current, active connection states that traverse the firewall (AIU Online, 2012). When an application inside the firewall requests a connection to another application running outside the firewall, a connection state is created. The addresses of the two communicating applications are saved in a table, so that the firewall can allow all traffic between them through until the initial connection is terminated.

Without state-based connection monitoring and filtering, web pages would not display information as users would expect. This is because firewalls filter traffic using a combination of IP and port number. Web servers usually use port 80, but web based applications. Just as internet browsers, choose a random port number to listen on when a request is initiated. Without state-based filtering when the listening port number changes, the connection would be terminated and requested information would not be received. State-based or stateful filtering most significant advantage is that this technology allows the connection to stay open and active until the connection is terminated by the applications that requested the connection (Hinnerschietz, n.d.).

Another name for state-based firewalls is circuit level gateways. Rather than...