9:2 Recommending a Software Firewall -Your next tasks is to recommend a software firewall

to install on a company's workstations. Your supervisor wants you to consider both

commercial and free products (e.g. free= ZoneAlarm). Research both kinds of software
firewalls, choose one product from each category and then prepare a report (1-2 pages) that
presents your choices and explains the advantages and disadvantages of each.
Answer:
Every company's systems need to guarded against those who penetrate the company's
system in order to steal information. Therefore, use of firewalls have now become a necessity
irrespective of the size and nature of company's business. Firewalls are of many types and are
manufactured by different manufacturers. Often it is tough for network administrators to
choose the right one to make the best fit for the company's requirements. There can be large
differences between the commercial and freeware firewalls. The degree of security offered, use
of installation, use and configuration can be the major factors. More than that, its needs to be
seen if the company requires hardware firewall also along with software firewalls. Many new
operating systems like Windows come with entry-level software firewalls as the users do not
realize the security risks associated with being on Internet. But these firewalls are only able to
monitor the incoming traffic on a machine and are able to do absolutely nothing for the
outbound traffic. For example, a basic breed of firewall will not be able to stop the data
transmissions happening on a machine's hard drive. Thus the freely available firewalls carry a
capacity to provide some basic protection only and should not be confused with the
commercially available best breed of firewalls.
Coming to freely available software firewalls, ZoneAlarm is the most popular of all the
firewall download programs. It provides basic security features towards both incoming and
outgoing traffic on a company's network and is well suited for new computers also. It offers
high level of security when default setting are enabled and work transparently. Once the
firewall is turned on a network, it is capable to protecting itself from malicious attacks trying to
switch it off or even from inexperienced users in the company who might turn it off by mistake
or by bad intent.
A major drawback of ZoneAlarm is that it offers limited security related to MailSafe
features. It is not fully developed to protect against visual basic scripts attack that may occur if
bad scripts are embedded in emails on the network and is not able to stop users from running
malware attached with email messages. ZoneAlarm also fails in protecting against leak-test
attacks and comes with no ID protection mechanism, which is highly needed in complex
networks of today. There is no advanced program control and neither does the free version of
the firewall contains the Smart Defense Advisor, that is otherwise available with the ZoneAlarm
Pro version. Apart from that, the network that uses ZoneAlarm needs to take care of installing
anti-virus system separately unless it pulls a commercial version of the program.
On the other hand, it is always recommended for a well-established company to go for a
commercially available firewall as they offer much higher level of security as compared to the
freeware. The company can choose McAfee Virus Scan Plus which is a cutting-edge firewall.
McAfee is far more better choice than ZoneAlarm if the company provides Internet connectivity
to its users 24X7. Apart from providing high level of security in all ways, it safeguards both the
incoming and outgoing traffic. It also comes as an integration of antivirus, antirootkit and
antispyware. McAfee also comes with a SiteAdvisor that is able to suggest the users that they
may visiting malicious websites. QuickClean program can be used to optimize the computer's
performance. McAfee conducts risk assessment when the users send emails or download files
from Internet and it shall not let the malicious advertisement pop on user's screen. McAfee is
much more user friendly as it keeps displaying information that is user friendly and it allows
users to delete the not-needed application along with their cookies, memory, cache and
browser history.

10:1 Firewall Selection Parameters - You work for a network consulting firm and you have
been asked to create a guide for firewall selection. Create an outline for a section that lists
and defines the most important parameters of firewall functions (e.g. such as throughput,
etc.).
Answer:
There are many parameters that must be evaluated well when considering a firewall
solution for a company's network. It is important that each of the following parameters are
looked into deeply before making a selection decision:
Number of users
The choice of firewall must depend upon the number of users who will be using
the network at a given time. The more the number of users, the higher class of
firewall is needed. Firewalls available today are classified from SOHO (Small
Office, Home Office) to more expensive enterprise class firewalls.
Random access memory
Choice of correct RAM is extremely important for a firewall to function well. The
two types of RAM that hold importance while judging the compatibility with
firewall are DRAM (Dynamic RAM) and SRAM (Static RAM). Networks with
smaller number of users must choose DRAM.
Address translation
Firewall must be able to perform network address translation (NAT) functionality
that lets a business afford the capability to translate an illegal or private IP
address into a legal public address and in turn, protect the anatomy of the
network.
Inbound and outbound filtering
Firewall must be able to detect what is passing through it in either direction. It
must be able to filter malicious content coming to the network and going out of
the network.
Stealth mode
A good firewall must be able to put an entire network or some computers on a
network into a stealth mode where the computers are kept hidden from the
Internet world even when they are connected to Internet.
Privacy protection
Firewall must be able to block spyware, hijackers and adware from reaching to
the computer.
Application Integrity
Firewall must monitor files on machines connected to the network to
understand how the files were modified or launched. Any kind of evil changes
must be notified to the users.
Intrusion detection
Firewall must scan the incoming data for signatures of known methods and
notify users when any attack is recognized.
Notifications
The firewall must work transparently and keep sending notifications to the users
to show them what is happening on the firewall.