Home Page

Firewalls

Email & Spam

Security Terminology

Security Topics

VPN & Cryptography

Wireless

 

Firewalls

Which Network Firewall

Which Home Firewall

Network Firewall Buyers Guide

 

Firewall Terminology

Application Control

Application Layer Filtering

Firewall Authentication

High Availability, Failover, RAID, Clustering, & Redundancy

IPS & IDS Systems

Load Balancing & Link Balancing

NAT

Network Firewall Buyers Guide

Next-Gen vs UTM

Packet Filtering

Parental Control

Perimeter Network or DMZ

Personal or Hardware Firewall?

Ports Protocols and IP Addresses

QOS

Stateful Packet Filtering

SSL-Content-Scanning

UTM

What is a Firewall?

Which home Firewall?

Which Network Firewall?

Zero Day Protection

 

Security Products Guide

Which Anti-Virus Software?

Which Firewall?

Which Spam Filter?

Which Internet Security Suite?

 

What is Guide

What is a Firewall?

What is a Virus?

What is Spam?

 

Essential Security Guides

Securing Windows XP Guide

Securing Windows Vista Guide

A Guide to Wireless Security

 

Other

Top 8 Internet Security Tips

Why both, Firewall and Anti Virus?

Free or purchased security - Which one?

 

 

 

 

Internet Application Control

 

 

There are now many applications that have access to the internet. A firewall can not create a proxy for all these applications because there are so many. Applications can now tunnel directly over HTTP. We can’t just block HTTP as then we will be blocking everyone accessing the web via browsers as well.

Now firewalls as well as web security gateways have developed ways to control these applications. Application signatures are created to be able to uniquely identify these them.

Applications such as Skype, TeamViewer and LogMeIn are good examples of why application control is crucial. An employee can easily just install TeamViewer on their corporate system. They can then access their corporate documents remotely. Now just because you are blocking inbound access to your firewall will not prevent this type of access due to the way these applications work. Even if you have mechanisms to control who can install applications on your corporate systems, this can still be bypassed because there is a version of TeamViewer that you can run without having to install the application, just like the way Putty works.

There are other reasons why you may want to control applications, such as reducing the amount of bandwidth used up on none productive applications or blocking of illegal downloads.

You don’t have to block the application from accessing the internet altogether, there is ability with some vendors that you can enable traffic shaping on them. For example you can give streaming media a certain amount of maximum bandwidth so staff can still browse YouTube and other media sites but are restricted to a limited amount of bandwidth.

The term "Next-Generation Firewalls" deals with the above problems and have capabilities to monitor and control applications.

 

For further reading, there's some excellent electronic ebooks available for download from eBooks.com