RE: Client End Firewalls

From: Shawn Jackson (sjackson_at_horizonusa.com)
Date: 09/30/04

Next message: Kelly Martin: "SF new column announcement: Open Source Versus Closed Source Security"

Previous message: Adrian DuPre: "Re: Remote Control"
Maybe in reply to: Grant.Orchard_at_aws.aust.com: "Client End Firewalls"
Next in thread: GuidoZ: "Re: Client End Firewalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 30 Sep 2004 08:02:47 -0700
To: <Grant.Orchard@aws.aust.com>, <security-basics@securityfocus.com>

> How much protection do you believe client side firewalls
> provide? My boss has asked for my thoughts on a system like
> Zone Labs are now offering. Can anyone provide me with their
> thoughts on what benefits this actually provides?

Good client side firewalls can control what applications open ports and
send/receive traffic. In a corporate LAN which is protected by firewalls
and other network security equipment you are really just setting up more
pain for yourself by installing client firewalls. Using a product like
Symantec Enterprise Edition with their NIS firewall is extremely useful
for roaming (read: laptop) clients. Any of the 'Enterprise' class client
software firewalls usually have centralized management. Client firewalls
provide a good level of protection, but don't offer the Layer 4 and
higher inspection of traffic like 'normal' firewalls.

Pros:
-----
Protects against malicious applications on the host
Can control what applications have network access
Adds another level of protection to the host and network
Assists in prevent prorogation of virii and worms inside the network

Cons:
-----
Can be hard to manage
Can confuse the user
Uses host resources (Memory, CPU time)
Increases network complexity
Can cause compatibility issues

Recommended Deployment:
-----------------------
High Risk/High Security Networks
Roaming Systems (i.e. Laptops)
DMZ Servers/Systems

Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521

www.horizonusa.com
Email: sjackson@horizonusa.com
Phone: (775) 858-2338
(800) 325-1199 x338
Fax: (775) 858-2330

Next message: Kelly Martin: "SF new column announcement: Open Source Versus Closed Source Security"

Previous message: Adrian DuPre: "Re: Remote Control"
Maybe in reply to: Grant.Orchard_at_aws.aust.com: "Client End Firewalls"
Next in thread: GuidoZ: "Re: Client End Firewalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Presentation: Bypassing client application protection techniques with notepad
... Bypassing client application protection techniques ... Kerio Personal Firewall 4.0 ... Last years were revolutionary for network services infrastructure ...
(NT-Bugtraq)
Presentation: Bypassing client application protection techniques with notepad
... Bypassing client application protection techniques ... Kerio Personal Firewall 4.0 ... Last years were revolutionary for network services infrastructure ...
(Bugtraq)
[Full-Disclosure] Presentation: Bypassing client application protection techniques with notepad
... Bypassing client application protection techniques ... Kerio Personal Firewall 4.0 ... Last years were revolutionary for network services infrastructure ...
(Full-Disclosure)
Firewalls and PCI
... firewalls between our various networks. ... pass through a router), a LAN, a DMZ, and another network which houses ... The client wants another physical firewall between each subnet. ...
(Security-Basics)
RE: Client End Firewalls
... what client firewall product would you recommend? ... Subject: Client End Firewalls ... if there is no desktop protection. ... use or disclose it without the written authorisation of AWS. ...
(Security-Basics)