Computer networks are typically a shared resource used by many applications for many different purposes. Sometimes the data transmitted between application processes is confidential, and the application users would prefer that others not be able to read it.

A firewall is a specially programmed router that sits between a site and the rest of the network. It is a router in the sense that it is connected to two or more physical networks and it forwards packets from one network to another, but it also filters the packets that flow through it. A firewall allows the system administrator to implement a security policy in one centralized place. Filter-based firewalls are the simplest and most widely deployed type of firewall. They are configured with a table of addresses that characterize the packets they will and will not forward.

A VPN is an example of providing controlled connectivity over a public network such as the Internet. VPNs utilize a concept called an IP tunnel, a virtual point-to-point link between a pair of nodes that are actually separated by an arbitrary number of networks. The virtual link is created within the router at the entrance to the tunnel by providing it with the IP address of the router at the far end of the tunnel. Whenever the router at the entrance of the tunnel wants to send a packet over this virtual link, it encapsulates the packet inside an IP datagram. The destination address in the IP header is the address of the router at the far end of the tunnel, while the source address is that of the encapsulating router.

In this lab you will set up a network where servers are accessed over the Internet by customers who have different privileges. You will study how firewalls and VPNs can provide security to the information in the servers while maintaining access for customers with the appropriate privilege.
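The tunnel encapsulation described above can be traced byte by byte. The following is an added example, not part of the original lab text: it builds the outer IPv4 header at the tunnel entrance and validates it at the far end. The IP-in-IP protocol number 4 is from RFC 2003; the function names and all addresses are assumptions chosen for illustration.

```python
import socket
import struct

IPPROTO_IPIP = 4  # IP-in-IP (RFC 2003): the payload is itself an IPv4 datagram
FMT = "!BBHHHBBH4s4s"  # 20-byte IPv4 header without options


def checksum(header: bytes) -> int:
    """Internet checksum: one's-complement sum of the header's 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    """Build an IPv4 header with a valid checksum."""
    fields = [0x45, 0, 20 + payload_len, 0, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum(struct.pack(FMT, *fields))
    return struct.pack(FMT, *fields)


def encapsulate(inner: bytes, entrance: str, far_end: str) -> bytes:
    """Tunnel entrance: source = this router, destination = far-end router."""
    return ipv4_header(entrance, far_end, IPPROTO_IPIP, len(inner)) + inner


def decapsulate(outer: bytes, my_addr: str) -> bytes:
    """Tunnel exit: check the outer header, then hand back the inner datagram."""
    ihl = (outer[0] & 0x0F) * 4
    if outer[0] >> 4 != 4 or checksum(outer[:ihl]) != 0:
        raise ValueError("bad outer IPv4 header")
    if outer[9] != IPPROTO_IPIP or outer[16:20] != socket.inet_aton(my_addr):
        raise ValueError("not a tunnel packet addressed to this router")
    return outer[ihl:]


# Constructed sample: a datagram between two private hosts, tunnelled between
# two routers (all addresses are made up for this example).
INNER = ipv4_header("10.1.0.5", "10.2.0.9", 17, 4) + b"data"
OUTER = encapsulate(INNER, "192.0.2.1", "198.51.100.1")

if __name__ == "__main__":
    print("outer header:", OUTER[:20].hex())
    print("inner intact:", decapsulate(OUTER, "198.51.100.1") == INNER)
```

Encapsulation by itself only changes where the packet is routed: the inner datagram is still readable in transit, so confidentiality over the public network depends on the VPN also encrypting what it carries through the tunnel.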