      
Below are four examples of system configurations, so you can understand the types of systems we design, build, and develop for our clients.
ONE - Typical Firewall Configuration : In a typical firewall configuration, a firewall is placed between the Internet and the organization's servers or office computers. The firewall will block all unauthorized inbound and/or outbound traffic.

TWO - Firewall with Demilitarized Zone (DMZ) Configuration : In this scenario, server "A" has special requirements which might make it more vulnerable to intrusion. For additional security, Server "A" is placed on a separate network segment with its own firewall rules. If a hacker manages to compromise server "A", the hacker will still not be able to gain access to the other servers because they are on a different network segment protected by their own firewall rules.

THREE - Firewall with Failover Configuration : In this scenario, a backup firewall is installed. The backup device will continuously monitor the "health" of the primary firewall. If the primary firewall fails, the backup firewall will assume the IP address of the failed primary firewall and take over the firewall duties. You might choose to install a backup firewall if your Internet service is mission critical and you cannot tolerate extended periods of downtime due to hardware failure.

FOUR - Virtual Private Network (VPN) Configuration : In this scenario, a VPN connection (the red dotted lines) is configured between:
1. Office "A" and Office "B"
2. The home user and Office "A"
Each VPN connection is transported over the public Internet in a secure, encrypted tunnel.

What is a firewall?
A firewall is a device which prevents unauthorized access to or from a private network. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. The firewall is positioned between the Internet connection and the private network. All data entering and leaving the private network passes through the firewall. The firewall will only let traffic into (or out of) the private network which meets specified security criteria. Refer to the sample network diagram which shows a typical firewall configuration.
Why do I need a firewall?
If you have one or more computers or servers connected to the Internet, it is imperative that these systems are protected by a firewall. Most computers and servers run a multitude of “services”, many of which are required for normal operation of the system. However, many of these services should not be accessible to everyone on the Internet. For example, you may have a file server or a network “share” which is used by employees in your office to store files on. A firewall should be used to block all external access to that file server so Internet users cannot access your confidential files. A properly configured firewall will block access to all services running on your internal systems. A firewall will also prevent many “denial of service” attacks from reaching your internal network.
Will a firewall give me complete protection?
Depending on your network configuration, a firewall may not provide complete protection. If you need to allow certain traffic through your firewall, that access point could be used to take advantage of a vulnerability elsewhere in your network. Example: You have an internal network which connects all of your employees' computers together. Your network is protected by a firewall. On your network, you have a server which hosts your company's website. To allow people on the Internet to access your website, you add a rule to your firewall to only allow web traffic (port 80) through the firewall to just the internal web server. The problem is that the web server software running on your server could have one or more vulnerabilities which allow a hacker to take control of your web server machine. Once the hacker has control of your server, he might then be able to access other internal systems on your network which “trust” the web server machine. If you do need to provide unrestricted external access to some internal systems through the firewall, you need to ensure those internal systems are secure from attack. You should consider your firewall to be one “layer” in a multi-layered security strategy. Your security strategy should include other layers which address application-layer security on your publicly accessible servers, physical security, etc.
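The difference between the web server example above and the DMZ configuration (TWO) can be checked with a small model. This is an added example, not code from this page or from any firewall product; the zone names, host names, the single rule and the file-share port 445 are assumptions made for the illustration.

```python
# Added illustration: models the flat and DMZ layouts described on this page.
# Zone names, host names, the rule set and port 445 are assumptions.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_host: str   # "*" matches any host
    port: int       # 0 matches any port
    action: str     # "allow" or "deny"

# Only inbound web traffic to the web server is permitted; everything else
# that crosses the firewall falls through to the default deny.
RULES = [Rule("internet", "web", 80, "allow")]

# Which network segment each host sits on in the two layouts.
FLAT = {"web": "internal", "files": "internal", "outsider": "internet"}
DMZ = {"web": "dmz", "files": "internal", "outsider": "internet"}

def decide(layout, src, dst, port, rules=RULES):
    """Return 'allow', 'deny' or 'unfiltered' for one connection attempt."""
    src_zone, dst_zone = layout[src], layout[dst]
    # Hosts on the same segment talk directly; the firewall never sees it.
    if src_zone == dst_zone:
        return "unfiltered"
    for r in rules:  # first matching rule wins
        if (r.src_zone == src_zone and r.dst_host in ("*", dst)
                and r.port in (0, port)):
            return r.action
    return "deny"  # default deny for anything crossing the firewall

def report(layout):
    """Evaluate the three flows discussed in the text for one layout."""
    flows = [("outsider", "web", 80),    # public website access
             ("outsider", "files", 445), # direct access to the file share
             ("web", "files", 445)]      # web server reaching the file share
    return {flow: decide(layout, *flow) for flow in flows}

if __name__ == "__main__":
    for name, layout in (("flat", FLAT), ("dmz", DMZ)):
        for flow, verdict in report(layout).items():
            print(f"{name:4} {flow[0]:>8} -> {flow[1]}:{flow[2]:<3} {verdict}")
```

In the flat layout the web server's connection to the file server is "unfiltered" because both sit on the same segment, so no firewall rule can stop it; in the DMZ layout the same connection crosses the firewall and is denied.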