Firewall protects remote office networks

Swiss security appliance manufacturer Lightning has launched an enterprise firewall to complement its Speedsurf and Ethernet II and III remote office systems, writes Eric Doyle.

The Multicom Enterprise Ethernet firewall appliance employs stateful inspection to ensure that only permitted packets are passed from the Wan to the Lan.

Gilles Trachsel, product marketing manager at Lightning, said, "Customers are starting to demand stronger security so, by default, everything is initially blocked by the Multicom. Only if the firewall has a corresponding request from the Lan will a packet be passed through."

Packet inspection protects against denial-of-service attacks, port scanning and spoofing. The Multicom also supports several encryption algorithms, including DES and 3DES, Twofish, Blowfish, Idea, AES and Cast128. The IPSec basis of the module also means that it is able to act as a virtual private network aggregator in both tunnel and transport modes.

Externally-exclusive protection is not always required, especially where public servers are to be accessed from outside the company. To facilitate this, each module has a dedicated DMZ port to separate potential threats from corporate resources.

Trachsel underlined the placement of the Multicom as a central office firewall but added that the Lightning products are built to be compatible down to the configuration files. "The Multicom has more power and speed than Speedsurf but it can be configured to match an existing Speedsurf module by exporting and importing a file," he said.

For configuration, the modules can be accessed from the Lan using any Windows, Macintosh or Linux client, but they can also be accessed across the Web. At the moment this is only password-protected access, but in May HTTPS secure connections will be added.

What is stateful inspection?
Stateful inspection, or dynamic packet filtering, works at the network layer. Unlike static packet filtering, which examines the header of a packet, a stateful firewall can dig deeper to examine the contents of the packet, through to the application layer, to find out more than just the source and destination information.

Stateful inspection also monitors the state of all connections and compiles a state table. This allows filtering decisions to be based on context, established by previous packets that passed through the firewall, as well as administrator-defined rules used in static packet filtering.
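The state-table behaviour described above, as an added sketch in Python that is not Lightning's code: Wan-side packets are dropped by default and pass only when they match a flow a Lan host opened. The class and function names, the 60-second idle timeout and the sample addresses are assumptions, and the sketch models only the connection table, not inspection of packet contents.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    inbound: bool = False  # True = arrived on the Wan interface

class StatefulFilter:
    """Default-deny Wan-to-Lan filter driven by a connection state table."""
    def __init__(self, idle_timeout=60.0):
        self.idle_timeout = idle_timeout  # assumed value, in seconds
        self.table = {}  # flow key -> time the last packet was seen

    @staticmethod
    def _key(p):
        # Store every flow as (proto, Lan endpoint, Wan endpoint) so a reply
        # maps to the same entry as the request that opened it.
        if p.inbound:
            return (p.proto, p.dst, p.dport, p.src, p.sport)
        return (p.proto, p.src, p.sport, p.dst, p.dport)

    def check(self, p, now):
        key = self._key(p)
        last = self.table.get(key)
        if last is not None and now - last > self.idle_timeout:
            del self.table[key]  # expire an idle entry
            last = None
        if p.inbound and last is None:
            return "DROP"  # no corresponding request from the Lan
        self.table[key] = now  # create or refresh the entry
        return "ACCEPT"

def demo():
    fw = StatefulFilter(idle_timeout=60.0)
    lan, web, other = "192.168.1.10", "203.0.113.5", "198.51.100.7"  # constructed
    return [
        fw.check(Packet(lan, 40000, web, 443), now=0.0),                  # Lan request
        fw.check(Packet(web, 443, lan, 40000, inbound=True), now=0.1),    # its reply
        fw.check(Packet(other, 443, lan, 40000, inbound=True), now=0.2),  # unsolicited host
        fw.check(Packet(web, 443, lan, 40001, inbound=True), now=0.3),    # port never opened
        fw.check(Packet(web, 443, lan, 40000, inbound=True), now=120.0),  # entry has expired
    ]

if __name__ == "__main__":
    print(demo())
```

Only the second packet passes from the Wan side; a static filter that allowed "source port 443 inbound" would have passed all four.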
