The Dolphinwall Firewall program is ahead of the firewalls being currently used, focusing on the ever
more important target of company security. The function of a firewall
is not just blocking a connection through the IP address and the port, but guaranteeing real-time protection too.
"Protection" means providing four different functions:
- Statesful Inspector function. It checks the IP address, the port and
the protocol of the packets in transit in the firewall. You can analyse if a specific
packet is a member of an authorized stream and if the dimension and the checksum parameters
Today almost all firewalls support this function.
- IDS function. It blocks a packet containing a possible attack in real time.
For example we consider an HTTP request which makes use of a hole in the server WWW.
This function lets it pass because the packet is valid at IP/port level.
If a packet or a data stream, divided into more packets, contains any kind of attack,
the packet will be blocked and the connection will be closed without being damaged.
Currently 8 MBits of data can be analysed with a MTU of 1500 bytes on the WWW traffic at the same time.
It equals almost 3000 contemporary connections.
Sometimes in the nets an IDS, separated from the firewall, is inserted. It warns the administrator of the
intrusion. Such warning, however, turns out to be one of the following:
- Late-comer. The damage has already been done.
- Deceptive.The system administrator may block the access to the WWW server
with a firewall rule to authorized users.
- Dangerous. The system is considered safe. It provides access solely to the users
allowed by us and it warns about possible problems.
A hacker simply needs to set up the trojans program and his attack
quite comes off in a few seconds. This program exploits a fault in the software
and given that it is connected externally, the hacker will have
a bidirectional channel with the server. Actually, the program is legal
because it is deemed outgoing traffic. Such traffic comes from
the inner WWW server and it goes outside.
Proxy HTTP and antivirus function. It checks the html pages downloaded from Internet
before showing them on the inner browsers
of the firm. (*)
Proxy SMTP and antivirus function. It checks the e-mails before showing them on the
inner electronic mail clients of the firm. (*)
The Dolphinwall firewall is installed in two configurations:
In the first case you need the firewall program and an HTTPS server. This server allows
the configuration both of the central point and the perpherical ones.
The central point needs at least a PIII 500 computer, 128 RAM, a hard disk and two net cards.
On the other hand, the peripherical points need at least a PIII 500 computer, 128 RAM and two net cards.
- firewall/central manager
- peripherical firewall
The firewall works completely by CD-ROM. Besides, you can use a USB pen-drive for the back-up of the configuration.
Therefore, this firewall can also be installed by users who don't have specific knowledge.
(*) Additional modules.