Model
Data has been secured in the past using a HOST based model which does not scale to a more distributed and diverse networking environment. With the added flexibility provided by client server technology and increased access to Internet services, the VCCS will need to protect resources from new security exposures.
Since the VCCS is using the Internet as a method of transmitting and receiving data, there is a necessity to provide some level of protection to ensure accuracy, integrity, accessibility and authenticity for that data. A firewall provides the opportunity to determine if the Internet traffic is acceptable.
No security model can prevent every single incident, yet an effective model can keep an incident from seriously damaging or shutting down the business. This model allows an enormous amount of leverage for network security because it provides the capability to concentrate security measures at the point where the campus network connects to the internet and to sensitive and confidential application servers.
In summary, many of the services that people want from the Internet are inherently insecure. The firewall is the traffic cop for these services. Because all traffic passes through the firewall, the firewall provides a good place to collect information about system and network use-and misuse. A firewall limits exposure to the internal networks (Intranet) and implemented properly, firewalls are very effective at keeping out unauthorized users and stopping unwanted activities on an internal network.
This model should be reviewed as necessary to reflect changes in technology and customer requirements.
Return to Technology Models