Business network models compare Remote Monitoring and firewalls in relationship to the OSI model. Screening router functions primarily correspond to the network (IP protocol) and transport (TCP protocol) layers of the OSI model.
Remote monitoring devices also can include the data link and physical layers, however, because most filtering systems apply to the type of interface, the network media in use, and even the MAC address itself. Firewalls often are described as gateways. Gateways can perform processing at all the seven layers of the OSI model. Typically, gateways perform processing at the seventh (application) layer of the OSI model. This is true for most firewall gateways also shows that because firewalls cover the network and transport layers, they can perform packet filtering functions. Some vendors, for marketing reasons perhaps, blur the distinction between a screening router and a firewall, to the extent that they call their screening router products firewall products. For the sake of clarity, this
book makes the distinction between remote monitoring technologies and firewalls based on the OSI model.
Sometimes remote monitoring applications are also called packet filter gateways. Perhaps one justification of the use of the term gateway for the packet filter device is that filtering based on the TCP flags done at the transport layer is not a function of the router that operates at the network layer of the OSI model. Devices that operate above the network layer also are called gateways. It is thus important to understand how remote technology and network monitoring can be combined to provide robust network security.
Remote monitoring can use packet filtering as a means to enhance network security. The screening function also can be performed by many commercial firewall products and by software-based products such as the Karlbridge PC-Based Filters. However, many commercial routers can be programmed to perform filtering. Router vendors such as Cisco, Wellfleet, 3COM, Digital, Newbridge, ACC, and many others provide routers that can be programmed to perform packet filtering functions.
Packet filtering can be used to implement a wide variety of network security policies. The network security policy must clearly state the types of resources and services that are being protected, their level of importance, and the people from whom the services are being protected. Generally the network security policy guidelines are focused more in keeping outsiders out, than trying to police insiders. For example, it is more important to prevent outsiders from breaking in and intentionally exposing sensitive data or disrupting services than preventing insiders from using external network services. This type of network security policy determines where Remote monitoring should be placed and programmed to perform packet filtering. Good network security implementations also should make it difficult for insiders to harm the network security. This usually is not the major thrust of security efforts.
This was a guest article from Jhon Lutera.
Author is a security and management expert in multinational company. He writes about how remote infrastructure monitoring can be benefical for business.