Active Firewall Elements
The structure of an active firewall element, which is integrated into the communication interface between the insecure public network and the private network, is shown in the figure. To provide the necessary security services, the following components are required:
Integration Module: It integrates the active firewall element into the communication system with the help of device drivers. In the case of packet filters, the integration is above the Network Access Layer, whereas in the case of an Application Gateway it is above the Transport layer ports.
Analysis Module: The communication data is analysed in the Analysis Module according to the capabilities of the firewall. The results of the analysis are passed on to the Decision Module.
Decision Module: The Decision Module evaluates the results of the analysis and compares them with the security policy definitions stored in the Ruleset. The communication data is allowed or blocked based on the outcome of the comparison.
Processing Module for Security-related Events: Based on the ruleset, the configuration settings and the message received from the Decision Module, it writes to the logbook and generates an alarm message to the Security Management System.
Authentication Module: This module is responsible for the identification and authentication of the instances that communicate through the firewall system.
Ruleset: It contains all the information necessary to make a decision for or against the transmission of communication data through the firewall, and it also defines the security-related events to be logged.
Logbook: All security-related events that occur during operation are recorded in the logbook based on the existing ruleset.
Security Management System: It provides an interface where the administrator enters and maintains the ruleset. It also analyses the data entered in the logbook.
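
The packet-filter case of the modules described above, as an added example that is not part of the original page: an analysis step parses IPv4 header bytes, a decision step compares the result with a ruleset, and event processing writes to a logbook and an alarm list. The Rule fields, the first-match order, the default-deny rule, the assumption that the payload is TCP or UDP, and the sample packets are all assumptions of this example.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address, ip_network

@dataclass
class Rule:                       # one Ruleset entry; field names are assumptions
    src: str                      # source network in CIDR notation
    dst_port: "int | None"        # None matches any destination port
    allow: bool                   # decision taken when the rule matches
    log: bool = False             # record the event in the logbook
    alarm: bool = False           # also alert the Security Management System

RULESET = [Rule("192.0.2.0/24", 22, allow=True, log=True),   # constructed; first match wins
           Rule("0.0.0.0/0", 23, allow=False, log=True, alarm=True),
           Rule("0.0.0.0/0", 443, allow=True)]
DEFAULT = Rule("0.0.0.0/0", None, allow=False, log=True)     # default deny

def analyse(packet: bytes) -> dict:
    """Analysis Module: extract the header fields a packet filter decides on."""
    ihl = (packet[0] & 0x0F) * 4 if packet else 0            # IPv4 header length
    if not packet or packet[0] >> 4 != 4 or ihl < 20 or len(packet) < ihl + 4:
        raise ValueError("malformed IPv4 packet")
    return {"src": IPv4Address(packet[12:16]),
            "dst_port": int.from_bytes(packet[ihl + 2:ihl + 4], "big")}

def decide(facts: dict) -> Rule:
    """Decision Module: compare the analysis results with the Ruleset."""
    for rule in RULESET:
        if facts["src"] in ip_network(rule.src) and rule.dst_port in (None, facts["dst_port"]):
            return rule
    return DEFAULT

def firewall(packet: bytes, logbook: list, alarms: list) -> bool:
    """Pass one packet through analysis, decision and event processing."""
    try:
        facts = analyse(packet)
        rule = decide(facts)
    except ValueError as err:                 # unparseable data: deny and log
        facts, rule = {"error": str(err)}, DEFAULT
    event = {**facts, "action": "allow" if rule.allow else "deny"}
    if rule.log:                              # event processing: write the logbook
        logbook.append(event)
    if rule.alarm:                            # event processing: raise an alarm
        alarms.append(event)
    return rule.allow

def make_packet(src: str, dst_port: int) -> bytes:          # constructed sample input
    ip = bytes([0x45, 0, 0, 40, 0, 0, 0, 0, 64, 6, 0, 0]) + IPv4Address(src).packed
    ip += IPv4Address("198.51.100.10").packed               # constructed destination
    return ip + (40000).to_bytes(2, "big") + dst_port.to_bytes(2, "big") + bytes(16)
```

Traffic that matches no rule, and data the analysis step cannot parse, both fall through to the default-deny rule and are still recorded in the logbook.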