A computer input device that reads the BAR CODE printed on an article of merchandise and converts it to a number: such readers depend on the reflection of a low-powered laser beam to read the pattern of stripes. Bar code readers are available both as hand-held units for stocktaking, and built into tills or supermarket checkout stations.
A pattern of vertical black stripes, of variable width, printed on the packaging of merchandise sold in shops to enable automatic stock control and pricing: the stripe widths encode a number that identifies the item. A BAR CODE READER measures these stripes to calculate the number, which can then be looked up in a price database by software running in a POINT-OF-SALE TERMINAL.
A Virtual Private Network (VPN) is that private network built on a public network. The reasons that push the market in that direction are, mainly, of costs: it is much cheaper to interconnect delegations using a public infrastructure than to deploy a physically private network.
Virtual Private Networks (VPNs) use advanced encryption and tunneling so that organizations can establish secure private end-to-end network connections over third-party networks, such as the Internet or extranets. When leveraging third-party networks through VPNs, organizations do not have to continue using costly leased lines or Frame Relay lines, which are generally tricky to dispose of for remote locations. VPNs also allow secure connectivity with suppliers and partners, allowing the use of new networked business applications. VPNs also connect remote users and mobile users to the corporate network through a local Internet service provider, rather than through expensive long distance calls. Also, VPNs offer a much higher level of security, through their advanced encryption protocols, thus making the data can only read by the receiver to which they sent.
Types of VPNs
VPNs are generally divided into three categories: intranet, extranet and remote access.
• Intranet (site-to-site): they are indicated to connect fixed locations, branches, branches, and remote offices. They normally use dedicated connections within the company’s WAN communications structure based on an operator’s private IP network.
• Extranet: implemented to expand network services and provide limited and secure access to partners and customers of a company. These extensions are generally supported by public networks (typically the Internet, the public IP network par excellence), for client accesses and private IP networks with higher quality access for partners and collaborators.
• Remote access: they provide secure access to mobile users and small offices with very basic communication needs. They use existing access networks, RTB and ISDN, to connect over the Internet.
It is interesting to highlight at this point, the difference between implementing a VPN over a private IP network or a public network (Internet).
On a private IP network, the corresponding operator can ensure an agreed quality of service (SLA) and can control and monitor its network to optimize its performance. They are networks designed and intended for corporate traffic that do not compete for bandwidth resources against domestic users who surf the Internet. Finally, being private networks intrinsically carry security and do not need to add costly encryption protocols in terms of equipment, delays, packet size increase, etc. Even so, they can implement if the security requirements are so strict that they demand them.
On a public IP network such as the Internet, no quality of service can guaranteed since no one controls the level of network congestion. The traffic belonging to an enterprise VPN compete for bandwidth resources against countless domestic users browsing for the latest news or only “chatting” with their circumstantial contacts. It can significantly degrade the performance offered by a VPN. Also, the cumulative effects of encryption protocols, which generally produce an increase in packet size (although there are some compression techniques) and introduce an inevitable delay in the end-to-end transmission-reception process, must be considered.
How a VPN constituted
However, let’s see how a VPN built. As the name implies, virtual means that the network that forms the VPN constructed from logical elements rather than physical devices (these certainly exist as the medium that supports the logical network). Unlike traditional links, dedicated lines, for example, VPNs do not maintain permanent links between the endpoints that make up the corporate network. It occurs because the Internet serves as the basis for these connections, and the structure of the Internet is dynamic. When you need to connect two sites, the link created, once it is stopped using, the connection is destroyed freeing resources for other users.
These connections are called tunnels. These may consist of two endpoints, whether these are single computers or networks. Security bridges (gateways) that serve as a filter to stop intruders should include. These bridges can be a “router” or a wall of fire (firewall).
To demonstrate how vital VPNs are, we can now see that the PPTP network protocol already included in the Microsoft Windows NT 4.0, Windows 98 and Windows 2000 operating systems, which allows workstations to connect to a VPN.
As we saw before, what we need at both points of the VPN is to have Internet connections. Of course, on the side of the Central Office, we require links with sufficient bandwidth, and surely the link on this site is permanent. It is recommended to use security devices (firewalls) that separate the network from unauthorized access from the Internet. For users, there are so-called personal firewalls, which have a lower capacity and price. A hardware firewall can cost $ 3,000.00. We can find personal firewalls from $ 20.00 or even free
It is evident that behind this explosion, there are several benefits over the traditional network that companies have been able to appreciate. The main advantages include:
• Reduced costs: The total cost of ownership (TCO) reduced since bandwidth, trunk equipment and operations are less expensive. In fact, according to Infonetics, a network management consulting company, LAN-to-LAN connectivity costs usually are reduced between 20 and 40% compared to leased line networks, while reducing costs for solutions Remote access estimated between 60 and 80%.
• It makes possible the Internet economy, favoring the agility of the business network – VPNs intrinsically present a more flexible and scalable architecture than classic WANs and, therefore, make it possible for companies to expand their connectivity quickly and profitably, which is conducive to the connection and disconnection of remote offices, international sites, teleworkers, mobile users with local call services (roaming) and the inclusion of external collaborators as required by the company.
• Reduces management problems: Companies can outsource a good part or all of their WAN communications through an operator, making it possible for companies to focus their activities on the essential objectives of their business, instead of having to worry about the management of your WAN network or remote centers.
• Simplify the network topologies: By implementing an IP trunk that eliminates the permanent virtual circuits (PVCs) associated with the connection protocols, such as those of the Frame Relay, a fully open network topology created, thereby complexity and network costs are reduced.
• It serves as a support for the installation of value-added services such as VoIP, Video Conference, etc.
Importance of Virtual Private Networks
The network of networks, the Internet becomes increasingly important. Every day there are faster access speeds, and the range of services offered through the Internet widened. It happens that many companies or institutions, with particular growth, have established branches or terminals which have their computers. In many cases, it is necessary to connect these computers to the central office network. We also have the case of remote users, employees, who connect from home or when they are traveling to, for example, check their email.
One of the solutions that have found to the problem of the remote connection is that of Virtual Private Networks or VPN, according to its acronym in English, which use the open Internet infrastructure to transmit corporate data between offices or branches. When we talk about corporate data, we mean private information to a company or institution.
The intention here is to take advantage of the infrastructure of Internet providers (ISP) to interconnect remote users at a low cost. VPNs allow system administrators to connect the branches of a corporation with the central office in an economical way. Also, they provide remote access to employees while reducing equipment and support spending.
Also, often mobilized employees, such as sales representatives, can connect to the office network from any place where there is access (a phone number) to an Internet provider.
Types of e – commerce:-
Business to customer (B to C):-It means the consumer is motivated by business.
B to C working
1. visiting the virtual mall- customer visits the mall by browsing the outline catalogue.
2. customer registers- customer has to register to become part of the site’s shopper registry
3. customer buys product.
4. merchant processes the order- the merchant then processes the order that is received from the previous stage & fills up the necessary forms.
5. credit card is processed:- credit card of the customer is authenticated thorugh a payment gateway or a bank.
6. shipment & delivery:- the product is then shipped to customer.
7. customer receives:- the product is received by customer and is verified.
8. After sales service:- after sale, the firm wants to maintains a good relationship with its customers. It is called CRM customer relationship management.
2. Business to business (B to B):- this is called as a business motivated by another business.
B2B is classified as:-
1. market place:- a digital electronic market place where suppliers and commercial purchasers can conduct transactions.
2. e – distributors:- a company that suppliers products and services directly to individual business.
3. B2B service provider:- it is a company that aells access to internet based software application to another companies.
4. infomediary:- a company whose business model is premised upon gathering information about customers & selling it to other businesses.
3. Consumer to business (C to B):- a business motivated by a customer.
The various C2B classified into:-
1. idea collectors:- consumers generally have a great idea about how to improve the existing products and what new features can be added to new products. E.g. ideas.com
2. reverse auctions:- it allow prospective airline travelers to visit the website and name their price for traval between only pair of city. If an airline is willing to issue a ticket at there price, the passenger is obligated to buy.
3. Consumer to consumer (C to C):-
In this type, a consumer is motivated by another consumer. Consumers sells directly to other consumers via online classified ads and auctions, or by selling personal services or expertise online. E.g. ebay.com
Limitations of ecommerce:
1. Security: the security risk in ecommerce can be
• client / server risk
• data transfer and transaction risk
• virus risk
2. High start up cost:
The various components of cost involved with ecommerce are:-
• connection:- connection cost to the internet.
• hardware / software:- this includes cost of sophisticated computer, moduer, routers, etc.
• maintenance:- this include cost invole in traning of employees and maintenance of web-pages.
3. Legal issues:- these issues arises when the customer data is fall in the hands of strangers.
4. Lack of skilled personnel:- there is difficulty in finding skilled www developers and knowledgeable professionals to manage and a maintain customer on line.
5. Loss of contact with customers:- Sometimes customers feels that they doesnot have received sufficient personal attention.
7. Some business process may never be available to ecommerce:- Some items such as foods, high cost items such as jwellery may be impossible to be available on the internet.
Advantage of e – commerce:-
1. Facilitates the globalization of business:-e – commerce facilitates the globalization of business by providing some economical access to distant markets and by supporting new opportunities for firms to increase economies by distributing their products internationally.
2. Provides increased purchasing opportunities for the buyer:-As e – commerce increases sales opportunities for the seller, it also increases purchasing opportunities for buyer.
3. Lowering staffing cost:- As in e – commerce, the selling & purchasing process is outline, the amount of interaction with staff is minimized.
4. Market based expansion:- An e – commerce is open to entirely new group of users, which include employees, customers, suppliers & business partners.
5. Increased profits:-With e – commerce, companies reach more & more customers where physical commerce cannot reached, thus increasing profits.
6. Increased customer service & loyality:- e – commerce enables a company to be open for business wherever a customer needs it.
7. Increase speed & accuracy:- E – commerce see the speed and accuracy with which business can exchange information, which reduces cost on both sides of transactions. It is available 24 hours a day & 7 days a weak.
8. Reduction of paper storage.
9. Increased response times:- In e – commerce, the interaction with the system take place in real time & therefore allows customer or bidder to respond more quickly & thus reduces the time of discussion between then as in traditional commerce.
Conducting business online. Selling goods, in the traditional sense, is possible to do electronically because of certain software programs that run the main functions of an e-commerce Web site, including product display, online ordering, and inventory management.
The software resides on a commerce server and works in conjunction with online payment systems to process payments. Since these servers and data lines make up the backbone of the Internet, in a broad sense, e-commerce means doing business over interconnected networks.
The definition of e-commerce includes business activities that are business-to-business (B2B), business-to-consumer (B2C), extended enterprise computing (also known as “newly emerging value chains”), d-commerce, and m-commerce. E-commerce is a major factor in the U.S. economy because it assists companies with many levels of current business transactions, as well as creating new online business opportunities that are global in nature. Here are a few examples of e-commerce:
Accepting credit cards for commercial online sales.
Generating online advertising revenue.
Trading stock in an online brokerage account.
Driving information through a company via its intranet.
Driving manufacturing and distribution through a value chain with partners on an extranet.
Selling to consumers on a pay-per-download basis, through a Web site.
The term commerce is define as trading of good & services or if ‘e’ for ‘electronic’ is added to this, the definition of e – commerce is defined as trading of goods, services, information or anything else of value between two entities over the internet.
Following are some definations of e – commerce:-
1. It is the ability to conduct business electronically over the internet.
2. It means managing transactions using networking and electronic means.
3. It is a platform for selling products & services via internet.
Characteristics of e – commerce:-
1. Establishment of B to B relationship.
2. Electronic payment.
3. e – distribution of products & services.
4. Exchange of information.
5. Pre and post – sales support.
6. Customer relationship management.
1992 saw the release of Tim Berner-Lee’s World Wide Web. It was with the World Wide Web that the world really began to see the development of E-Commerce as we know it today. By 1994 corporations like Pizza Hut began to take orders for pizza over their website, showing that the World Wide Web was truly beginning to take hold as a commercially viable endeavor.
It was also in this year that the first commercially successful web browser, Mosiac, became available. Marc Andreessen spearheaded its creation which allowed for point-and-click access to the World Wide Web. Mosaic was adapted by Marc Andreessen and Jim Clark into the downloadable Netscape browser.
The software was downloadable over the World Wide Web, which made the simple touse browser available to customers everywhere for free. With easy navigation of the World Wide Web and the number of personal computers in use increasing daily, the E-Commerce Boom was well on its way. Over the next couple of years commercial entities began to realize the importance of having their presence on the Web. On-Tutorial Project – WIPO Worldwide Academy Overview of E-Commerce In 1997 DSL (Digital Subscriber Line) service was rolled out in California.
This service allowed customers to connect to the internet at speeds fifty times faster than the typical modem dial up speed of 28.8 kilobits per second. It is this continual connection to the Internet, which increases use and drives greater commerce. 1998 saw E-Commerce take off, as companies were selling their services and goods over the Web and accessing clients that they never had access to before the Web. 1998 also saw the privatization of an important aspect of the Web. ICANN (Internet Corporation for Assigned Names and Numbers) was formed in October of 1998. ICANN is a nonprofit, private-sector corporation formed by a broad coalition of the Internet’s business, technical, academic, and user communities.
ICANN has been recognized by the U.S. and other governments as the global consensus entity to coordinate the technical management of the Internet’s domain name system, the allocation of IP address space, the assignment of protocol parameters, and the management of the root server system. In 1999 Napster and its creator, Sean Flemming, came into the scene. Napster allowed music files to be transferred over the Web by converting them into MP3 files. This software turned the recording industry on its head and copyright owners everywhere were concerned with the possible ramifications that Pier-to-Pier software may have.
In the past two years, e-business seems to have permeated every aspect of daily life. In just a short time, both individuals and organizations have embraced Internet technologies to enhance productivity, maximize convenience, and improve communications globally. From banking to shopping to entertaining, the Internet has become integral to daily activities.
For example, just 23 years ago, most individuals went into a financial institution and spoke with a human being to conduct regular banking transactions. Ten years later, individuals began to embrace the ATM machine, which made banking activities more convenient. Today, millions of individuals rely on online banking services to complete a large percentage of their transactions.
The B2B Way
Is the model buyer- or seller-centric? What is the driving force of the business?
The greatest strength of the Internet is its ability to bring together people, governments, and businesses and facilitate the flow of information among them. This is one of the main reasons why business models for business-to-business online marketplaces are expected to succeed.
It’s clear that the Internet is a viable platform for B2B trade. According to Forrester Research Inc. in Cambridge, Massachusetts, a projected $4.9 trillion in business-to-business (B2B) transactions will be made online by 2004.
But private marketplaces being formed by industry leaders represent a more successful model. These real-time supply chains and e-business design systems are phasing out the more expensive and inflexible electronic data interchange networks.
The real surprise here is how hard it is to become profitable. The cost of branding technology is so high that consumers still use a catalog. A Web site is just another channel.
An e-business model is simply the approach a company takes to become a profitable business on the Internet. There are many buzzwords that define aspects of electronic business, and there are subgroups as well, such as content providers, auction sites, and pure-play Internet retailers in the business-to-consumer space.
Given the carnage among dot-com stocks recently, what type of online business models are expected to succeed in the future? Businesses need to make more money than they spend. The new model is the old model, but technology is essential to maintain a competitive advantage, and cash flow is more important than ever.
For example, Yahoo Inc. in Santa Clara, California, has always operated a successful portal site, providing content and an Internet search engine. However, many portal sites, such as Go.com, MSN.com, and AltaVista.com, have fallen on hard times.
The idea behind portals is the same as that behind television advertising: aggregating eyeballs and directing them toward advertisements. But, television viewers are passive, and people need to wait through the ads to see the shows they want to watch.
However, the Web doesn’t work that way. Content presentation is not serial. Viewers are active, not passive. There are always millions of places to go. No Web advertisement can match a 20-second TV spot.
Customer relationships are becoming a more important factor in differentiating one business from another. In order to stay competitive, e-businesses in every industry have begun to analyze these relationships with customers using CRM solutions.
In the past, customers would place an order via the telephone and wait until the company’s purchasing department processed and shipped the order. Today’s customers place an order electronically and then demand to be able to check the status of their order within minutes.
CRM enables an organization to adopt a comprehensive view of the customer and maximize this relationship. These CRM systems enable a business to identify, attract, retain, and support customs centers, direct mail, and retail facilities. In an efficient e-business, there are CRM processes in place to handle:
Analytical CRM: The analysis of data created on the operational side of the CRM equation for the purpose of business performance management; utilizing data warehousing technologies and leveraging data marts
Customer interactions: Sales, marketing, and customer service (call center, field service) via multiple, interconnected delivery channels and integration between front office and back office
Operational CRM: The automation of horizontally integrated business processes involving “front office” customer touch points
Personalization: The use of new and traditional groupware/Web technologies to facilitate customer and business partner communications. Supply Chain Management
Integration of the SCM functions is emerging as one of the greatest challenges facing today’s e-businesses. SCM is the integration of business processes from end user through to original supplier. The goal of SCM is to create an end-to-end system that automates all the business processes between suppliers, distribution partners, and trading partners. The new mantra for this process, according to industry analysts, is “replacing inventory with information.” In an effective e-business, the following SCM independent processes must be highly integrated
Demand management: These are shared functions, including demand planning, supply planning, manufacturing planning, and sales and operations planning.
Inbound/outbound logistics: These include transportation management, distribution management, and warehouse management.
Supply management: These include products and services for customer order fulfillment
Encryption-based VPNs create a VPN using the public Internet infrastructure. A corporation establishes public Internet connections from each of its office locations to an ISP’s PoP. The corporation can establish the connections with a single ISP or multiple ISPs.
Encryption-based VPNs are susceptible to any weaknesses that the public Internet may experience. Typically, these weaknesses are related to data security and network performance. The original design and implementation of the Internet did not address the security and performance requirements of private networks.
Encryption-based VPNs are often the easiest type of ISP–based private network to create. Several different encryption vendors supply a large range of solutions. Figure 2 shows a typical encryption-based VPN implementation. Each branch office or partner company connects to any ISP; users simply must have access to the public Internet. An encryption device (typically a router or firewall) is placed at each location. The encryption devices receive encrypted data from the other locations and perform the appropriate decryption.
Security issues in computer networks have become one of the most important areas of research with the fantastic proliferation of Internet, and the emergence of a series on sensitive on-line applications. Hiding sensitive transactions from intruders as well as providing a reliable means for authenticating oneself is a very important area of research.
The proposed tutorial will provide an overview of the security technologies that have been proposed by researchers over the years, with particular focus on those that have been in popular use. Topics like conventional private-key cryptography, authentication, public key cryptography, digital certificates, steganography, etc. would be covered.
Some of the popular security protocols used in common Internet applications would also be discussed, like Kerberos, pretty good privacy (PGP), IP security (IPSec) and secure socket layer (SSL). In the final part of the tutorial, various topics related to intrusion detection and system security would be discussed. Specifically, practical techniques of intrusion detection and prevention in an enterprise network, firewall systems, computer viruses, OS security, etc
One of the last terms included in the networking environment is the word Extranet. An Extranet is nothing more than a virtual private network, using the Internet as a means of transporting information between the nodes of our private network. Thanks to an Extranet you can join two Intranets located anywhere in the world.
Traditionally, transport lines such as X.25, point-to-point connections or, more recently Frame-Relay, were used to link the networks of a corporation located in different cities, countries, and continents. An extranet can consider as part of a company’s intranet that extended to users outside the company. It has also been described as a “state of mind” in which the Internet perceived as a way of doing business with other companies as well as selling products to its customers. The same benefits that HTML, HTTP, SMTP, and other Internet technologies have given the Network and corporate intranets now seem to accelerate business between companies. The advantages of an Extranet are mainly the reduction of costs and the high reliability that there is always an available link.
Reliability and low cost: Traditionally private networks implemented with dedicated lines between each headquarters of the company or corporation. A router capable of directing LAN traffic from one headquarters to the LAN of the nearest headquarters installed at each of these locations, always through the data transmission lines (WAN). In the absence of redundancy, the failure of a link prevents communication between sites. A more reliable system is to use a fully meshed network. That is, each headquarters communicates with each other through a link. It makes communications much more expensive, both in the rental of lines and in the cost of routers. Naturally, the additional cost implies an improvement in reliability: The failure of a link does not prevent communication to the other sites because alternative routes can establish. With an Extranet, it is only necessary that each site has a link, usually local, to an Internet access provider. Once on the Internet, the data will be transmitted to the destination headquarters. Naturally, the weak point is the link to the access provider, but the multiple alternative routes offered by the Internet ensure the existence of alternative routes. Therefore, it necessary for each site to have a reliable link to its provider.
With the extranet, reliability gained concerning the use of dedicated lines and costs reduced concerning the use of several dedicated lines (mesh). In many cases, due to international link costs, these options are virtually unfeasible. Only large multinationals can afford this luxury. For the rest of the companies, there is no better alternative, from the economic point of view than an extranet.
Security in Extranets: Firewalls and proxies allow you to protect extranets from unauthorized access by hackers and crackers — encryption used in packages that cross the Internet from one location to another. Authentication is also essential for services such as email. Hence the importance of systems such as SSL (Secure Socket Layer), capable of encrypting information packets and transferring them securely as well as the use of the PPTP protocol (Point-to-Point Tunneling Protocol) which is one of the methods to create a secure “tunnel” through the Internet which is an extension of the famous PPP. PPPT allows establishing multiprotocol virtual private networks over the Internet. The protocols that PPPT currently supports are IP, IPX, NetBIOS, and NetBEUI, that is, most of the protocols used in local area networks. As an extension of the PPP protocol, PPPT limited to point-to-point communications. However, several point-to-point communications can replace a multipoint. Based on the client-server model, it is necessary that the destination network also supports PPPT. Microsoft, with Windows NT Server 4.0 has been the first manufacturer to support this protocol. Applying all these techniques guarantees the security of the Extranet.
Disadvantage of Extranets
The delay in communication. The exponential growth of the Internet does not make it suitable for delay-sensitive traffic. For example, videoconferencing or telephony over the Internet, at present, do not offer the adequate quality of enterprise level. On the other hand, the Internet is a very suitable means for transporting email, file transfer, access to remote databases, etc. that is, traffic not sensitive to delays. Protocols indeed investigated that allow the necessary bandwidth to reserved for each service, but it takes years until it becomes operational and viable. Therefore, it is not advisable to use extranets as an internal telephone or videoconference network.
Purposes and Uses of An Extranet
As Intranets spread within corporations, it seems natural that if there is any need for information exchange between them: customers/suppliers, business partners, etc., the need to interconnect them through the Internet considered.
There is some inertia not to replace traditional EDI systems with “EDI Systems over the Internet”, for some a vision of what an extranet is, especially for reasons of security and robustness of the first against a lack of confidence and normalization in the second. However, there is a field where the use of an extranet seems natural: in those EDI systems that need to reach a mass market. In this way, allowing you to launch an order or view the result of it from a Web browser, known as the Web-EDI model, does not require any specialized software, type EDI station, to enter the world of commercial exchanges without papers. Thus, it is feasible to extend EDI solutions to environments such as booksellers and publishers, pharmacies and pharmaceutical laboratories, etc.; where one of the parties has low investment capacity and is very numerous. However, exchanges of unstructured information such as email, news, etc .; between organizations that have an Intranet built or not, and connect through the Internet; It is as old as the existence of the Internet itself. From this point of view, extranets have always been part of the Internet.
Companies can use an extranet to:
• Exchange large volumes of data using Electronic Data Interchange (EDI).
• Share catalogs exclusively with wholesalers or people within your business or branch.
• Collaborate with other companies in joint development efforts.
• Develop and use training programs with other companies.
• Provide or access services offered by a company to another group of companies, such as the application of online banking managed by a company on behalf of banks affiliated with it.
• Share news of common interest exclusively with partner companies.
Microsoft supports the Point-to-Point Tunneling Protocol (PPTP) and is working with American Express and other companies on an Open Buying on the Internet (OBI) standard. Lotus Corporation is promoting its Notes group software product as a program well suited for use in extranets.
Customers pay for merchandise (Goods) by writing an electronic check that is transmitted electronically by email, fax or phone. The “cheque” is a message that contains all of the information that is found on an ordinary cheque, but it is signed digitally, or indorsed.
The digital signature is encoded by encrypting with the customer’s secret key. Upon receipt, the merchant or “payee” may further indorse by encoding with a private key. When the cheque is processed, the resulting message is encoded with the bank’s secret key, thus providing proof of payment. Various companies are selling Electronic Check software and services
Business to Business or B2B refers to electronic commerce between businesses rather than between a business and a consumer. B2B businesses often deal with hundreds or even thousands of other businesses, either as customers or suppliers.
Carrying out these transactions electronically provides vast competitive advantages over traditional methods. When implemented properly, ecommerce is often faster, cheaper and more convenient than the traditional methods of bartering goods and services.
An example might be an auction web site for procuring manufacturing components at the lowest price, established by a group of manufacturers.
This is a software/hardware combination that connects an organization’s internal networks to the Internet. As such, its primary concern is security: it uses rules to determine what information can be passed in either direction, based on the originator address, the server address and the type of information to be transferred. In plain English something that monitors all communication between the company network and the Internet and makes sure that this communication is legitimate. Broadly speaking there are two main types of firewall: network level and application level.
Network Level Firewalls
These accept or reject messages based on the source address of that message. To explain, every message is split up into smaller packets of data before being sent out over the Internet. Naturally this packet of data carries its destination address so any computer it passes through knows where to send it next, however it also carries the source address which is what the network level firewall looks for. If the data packet originates from a known, or pre-defined, address it is let through into the company system; if not it is rejected.
Network level firewalls are what is known as transparent to the user which means no-one knows they are there. They operate without the users being aware of their existence. While this can make them popular they are by no means the best solution for high security organizations as they can be defeated. It is possible to forge the source address on data packets and so fool the firewall into thinking they come from an approved source.
Application Level Firewalls
These perform a much more sophisticated analysis of the data passing through them according to criteria set by each individual company. Although more secure this auditing process takes time which means the system will run that much slower.
Additionally it could require extra training on the part of the user.
As a further refinement both types of firewall could be used in combination. Low grade information could be protected by a network level firewall to take advantage of its speed while high grade information could be protected behind an application level firewall to take advantage of its greater security. In this way a great deal of safety can be built into the system – and yet security will still not be absolute. Firewalls cannot prevent a virus being downloaded nor are they proof against sabotage or stupidity from personnel within the company.
Something else a firewall cannot do is set the security policy for the company. They are without doubt the physical representation of that security policy, and they work according to the guidelines laid down in that same security policy, but they cannot create it themselves. Only humans can do that.