Installing a firewall
  • What is a firewall?
  • Why install a firewall?
  • Choosing a firewall for your school
  • Maintaining your firewall to keep it effective
What is a firewall?
A firewall is a system that sits between your network and the Internet and acts as a gatekeeper: it lets through the traffic you have decided to trust and keeps out traffic from known or suspected attackers.

A firewall can be a single device, such as a router, a general-purpose computer or a dedicated hardware appliance, running software that makes the decisions needed to control the flow of data to and from your school's network.
Why install a firewall?
If your school network is connected to the Internet, you need a firewall. There are many different ways in which your network can be attacked. Some of them include:
  • denial of service attacks
  • SYN flooding
  • ICMP redirects
  • ping of death
  • forged email
  • spoofing and impersonation.

Attackers are constantly finding new ways to damage your network, so although you don't need to understand every item in the list above, you do need to ensure that your network is protected against such attacks.

A firewall is your first line of defence, but it is not a complete one. On its own it gives little protection against another major source of attack: computer viruses, Trojan horses and other malicious programs. These usually arrive inside traffic the firewall has been told to allow, such as email attachments and web downloads, so the firewall has no reason to stop them. For protection against these you also need a good antivirus program, kept up to date.
Choosing a firewall for your school
In most cases your Internet service provider or broadband supplier will offer a firewall as part of its service. It is still worth checking that it meets the requirements of your school.

Installing and managing your own local firewall can often be more complicated and costly than using the solution already provided for you. If you choose to operate your own firewall, there are two techniques that are relevant to school networks: the network-based firewall and the application-based firewall.

Network based firewall
A network-based firewall (also called a packet filter) works by inspecting the header of each packet and allowing or blocking it according to filters you create for:
  • IP addresses (you can specify individual addresses or ranges of addresses)
  • protocols (such as UDP or TCP)
  • port numbers (which identify the service being contacted, such as FTP on port 21 or Telnet on port 23)
  • direction (whether the packet is coming into the network from the Internet or being sent out to the Internet by a network user).
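The following is an added example, not code from the guide: a small stateless packet filter written in Python that applies the four kinds of filter listed above. The addresses (a school LAN of 192.168.1.0/24 with a mail server at 192.168.1.25), the rules and the sample packets are all assumed for illustration.

```python
# Added example (not from the guide): a stateless packet filter in Python that
# applies the four kinds of filter listed above.  Addresses, rules and packets
# are assumed for illustration.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    direction: str               # "in" = from the Internet, "out" = to the Internet
    protocol: str                # "tcp", "udp" or "icmp"
    src: str                     # source IP address
    dst: str                     # destination IP address
    src_port: Optional[int] = None
    dst_port: Optional[int] = None
    ack: bool = False            # TCP ACK flag; clear only on the first SYN of a connection


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    direction: str = "any"
    protocol: str = "any"
    src: str = "0.0.0.0/0"       # CIDR range; a single host is written as /32
    dst: str = "0.0.0.0/0"
    dst_port: Optional[int] = None
    require_ack: bool = False    # the classic stateless way to admit only reply traffic

    def matches(self, p: Packet) -> bool:
        return (
            self.direction in ("any", p.direction)
            and self.protocol in ("any", p.protocol)
            and ip_address(p.src) in ip_network(self.src)
            and ip_address(p.dst) in ip_network(self.dst)
            and (self.dst_port is None or self.dst_port == p.dst_port)
            and (not self.require_ack or p.ack)
        )


def filter_packet(rules: List[Rule], packet: Packet) -> str:
    """First matching rule wins; a packet matching no rule is dropped (default deny)."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return "deny"


# Assumed school network: workstations on 192.168.1.0/24, mail server at 192.168.1.25.
SCHOOL_LAN = "192.168.1.0/24"
MAIL_SERVER = "192.168.1.25/32"
RULES = [
    Rule("allow", "out", "tcp", src=SCHOOL_LAN, dst_port=80),          # web browsing
    Rule("allow", "out", "tcp", src=SCHOOL_LAN, dst_port=443),
    Rule("allow", "in", "tcp", dst=MAIL_SERVER, dst_port=25),           # incoming mail
    Rule("allow", "out", "tcp", src=MAIL_SERVER, dst_port=25),          # outgoing mail
    Rule("allow", "in", "tcp", dst=SCHOOL_LAN, require_ack=True),       # replies to connections we opened
    Rule("deny", "in", "icmp"),                                         # no ping, no ICMP redirects
]

# Constructed sample traffic.
BROWSE = Packet("out", "tcp", "192.168.1.10", "203.0.113.5", 51000, 80)
BROWSE_REPLY = Packet("in", "tcp", "203.0.113.5", "192.168.1.10", 80, 51000, ack=True)
TELNET_PROBE = Packet("in", "tcp", "198.51.100.7", "192.168.1.10", 40000, 23)
INBOUND_MAIL = Packet("in", "tcp", "198.51.100.7", "192.168.1.25", 40001, 25)
PING = Packet("in", "icmp", "198.51.100.7", "192.168.1.10")
# An ACK scan: a probe with the ACK flag set looks like a reply to a stateless filter.
ACK_SCAN = Packet("in", "tcp", "198.51.100.7", "192.168.1.10", 40002, 23, ack=True)


def decisions() -> dict:
    """Run every sample packet through RULES and return the verdicts by name."""
    samples = {"BROWSE": BROWSE, "BROWSE_REPLY": BROWSE_REPLY, "TELNET_PROBE": TELNET_PROBE,
               "INBOUND_MAIL": INBOUND_MAIL, "PING": PING, "ACK_SCAN": ACK_SCAN}
    return {name: filter_packet(RULES, p) for name, p in samples.items()}


if __name__ == "__main__":
    for name, verdict in decisions().items():
        print(f"{name:13s} {verdict}")
```

Rule order matters, because the first match decides, and the default is to deny anything no rule mentions. The last sample packet shows the price of a purely header-based decision: a probe sent with the ACK flag set is indistinguishable from a reply to a connection a workstation opened, so the filter admits it. That is why later firewalls track connection state instead of trusting a flag, and why a filter that knows nothing about HTTP passes anything at all on port 80.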

Packet filters come in many forms, but the most common are built into standalone routers that sit between your modem and the rest of the network.

This simple and cheap device may be adequate if your network is relatively small (up to 50 workstations) or if you are connected to the Internet via a dial-up modem.

Packet filters make their decisions on the header information in a packet alone; they do not understand application protocols such as FTP or HTTP. If the filter allows traffic to a given service, it passes everything sent to that service, including requests crafted to exploit known problems in the application itself, because it has no way to tell a legitimate request from a malicious one.

If your network requires a greater level of protection, you should consider installing a proxy firewall.

Application based firewall
An application-based firewall (also known as an application gateway or proxy firewall) protects your network at the application layer. It does this by managing every connection to and from the outside world: the proxy acts as a middleman, accepting each connection from a user on the internal network and making a separate connection of its own to the service on the external network. The effect is similar to network address translation (NAT): the addresses of machines on the internal network are never directly exposed to the external network, which only ever sees the address of the proxy.

Because the proxy makes the outside connection itself, it is the proxy's address, not the user's, that appears on the Internet, and the proxy can inspect the request before deciding whether to make that connection at all. A proxy firewall never passes a packet through the firewall unchanged.
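As an added example that is not part of the guide, here is a minimal HTTP application gateway in Python showing both points above: the request is parsed and checked at the application layer, and the request actually sent to the web server is rebuilt by the proxy and leaves from the proxy's own address. The proxy's public address (198.51.100.1), the line-length limit, the allowed methods and the three sample requests are all assumed.

```python
# Added example (not from the guide): a minimal HTTP application gateway in Python.
# The proxy's public address, the limits and the sample requests are assumed.
from typing import List, Tuple

PROXY_EXTERNAL_IP = "198.51.100.1"       # assumed public address of the proxy
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
MAX_LINE = 2048                           # longer request or header lines are rejected
HOP_BY_HOP = {"connection", "proxy-connection", "keep-alive"}


def parse_request(raw: bytes):
    """Parse an HTTP/1.x request; raise ValueError for anything malformed."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no end of headers")
    lines = head.split(b"\r\n")
    if any(len(line) > MAX_LINE for line in lines):
        raise ValueError("oversized line")
    parts = lines[0].split(b" ")
    if len(parts) != 3:
        raise ValueError("malformed request line")
    # .decode("ascii") raises a ValueError subclass on non-ASCII bytes, so it is caught too
    method, target, version = (p.decode("ascii") for p in parts)
    headers: List[Tuple[str, str]] = []
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not name.strip():
            raise ValueError("malformed header")
        headers.append((name.strip().decode("ascii"), value.strip().decode("ascii")))
    return method, target, version, headers, body


def proxy_request(client_ip: str, raw: bytes) -> dict:
    """Decide whether to make an outside connection on the client's behalf.

    Returns {"action": "reject", ...} or {"action": "forward", ...}; in the
    forward case the request the proxy sends is rebuilt from parsed fields,
    never copied byte for byte from the client.
    """
    try:
        method, target, version, headers, body = parse_request(raw)
    except ValueError as exc:
        return {"action": "reject", "client_ip": client_ip, "reason": str(exc)}
    if version not in ("HTTP/1.0", "HTTP/1.1"):
        return {"action": "reject", "client_ip": client_ip, "reason": "unsupported version"}
    if method not in ALLOWED_METHODS:
        return {"action": "reject", "client_ip": client_ip, "reason": f"method {method} not allowed"}
    if not target.startswith("/"):
        return {"action": "reject", "client_ip": client_ip, "reason": "target must be a path"}
    host = next((v for n, v in headers if n.lower() == "host"), None)
    if not host:
        return {"action": "reject", "client_ip": client_ip, "reason": "missing Host header"}
    kept = [(n, v) for n, v in headers if n.lower() not in HOP_BY_HOP]
    kept.append(("Via", "1.1 school-proxy"))   # standard header announcing the proxy
    outbound = f"{method} {target} {version}\r\n".encode("ascii")
    outbound += b"".join(f"{n}: {v}\r\n".encode("ascii") for n, v in kept) + b"\r\n" + body
    # The web server sees a connection from PROXY_EXTERNAL_IP, never from client_ip.
    return {"action": "forward", "client_ip": client_ip, "src_ip": PROXY_EXTERNAL_IP,
            "dst_host": host, "request": outbound}


# Constructed sample requests from workstation 192.168.1.10; a packet filter
# would pass all three unchanged because each is simply TCP traffic to port 80.
CLIENT_IP = "192.168.1.10"
GOOD = b"GET /index.html HTTP/1.1\r\nHost: www.example.edu\r\nConnection: keep-alive\r\n\r\n"
BAD_METHOD = b"TRACE / HTTP/1.1\r\nHost: www.example.edu\r\n\r\n"
OVERLONG = b"GET /" + b"A" * 4000 + b" HTTP/1.1\r\nHost: www.example.edu\r\n\r\n"

if __name__ == "__main__":
    for raw in (GOOD, BAD_METHOD, OVERLONG):
        print(proxy_request(CLIENT_IP, raw))
```

The internal address is kept only for the proxy's own log; it never appears in what goes out. The rejected cases are exactly the ones a packet filter cannot see: an unwanted method, and a request line far longer than any browser sends, which the filter would have forwarded to the server untouched.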

This is a more complex solution, but it should be adopted for larger networks or wherever there is a lot of Internet-based traffic.
Proxy firewalls are implemented by installing a software application on a computer. For networks of up to 250 workstations the software may share a computer with other applications such as an email server. For larger networks (250+ workstations) the software will need to run on a dedicated computer to ensure optimum performance of your Internet connection.

Most major software suppliers sell firewall software. The choice for your school may be based on the following criteria:
  • cost
  • operating system used
  • compatibility with existing applications
  • ease of installation and use.
In addition, there are many freeware and shareware packages available. It is worth downloading and trying out some of these cheaper options before committing your school to an expensive proprietary system.

Maintaining your firewall to keep it effective
The problem with security is that the environment is always changing. As soon as a bug in an operating system or application is found and exploited, someone produces a fix; as soon as the fix is applied, something else crops up. When you set up a firewall to protect your network, you must test it to be sure that it does what you think it does, for example by trying from outside to reach a service that the rules say should be blocked.

The limitation of testing, however, is that you already know what you are looking for when you design and run the test. To keep on top of things you should also:
  • monitor the data collected by any auditing or logging functions the firewall provides
  • look for attempts to breach the firewall
  • watch for unusual activity
  • check the Internet for the latest information on security issues
  • keep your firewall software up-to-date.
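The first three items above are routine work on the firewall's log, and it helps to automate it. The following is an added example, not from the guide: a Python script that reads a batch of log lines, counts the blocked inbound connections per source address, flags any source that has probed several different ports (a port scan, which is the usual first sign of an attempt to breach the firewall) and lists any such source that nevertheless had a connection accepted. The log line format, the threshold of five ports and the log lines themselves are constructed for the example; every real firewall has its own format, so the pattern at the top would need adapting.

```python
# Added example (not from the guide): reading firewall logs for breach attempts
# and unusual activity.  The log format, the threshold and the log lines are
# constructed for this example; real firewalls each have their own format.
import re
from collections import defaultdict
from typing import Optional

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ACCEPT|DROP) (?P<dir>in|out) (?P<proto>tcp|udp) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

SAMPLE_LOG = """\
2004-03-01T09:15:02 DROP in tcp 198.51.100.7:40001 -> 192.168.1.10:21
2004-03-01T09:15:02 DROP in tcp 198.51.100.7:40002 -> 192.168.1.10:22
2004-03-01T09:15:03 DROP in tcp 198.51.100.7:40003 -> 192.168.1.10:23
2004-03-01T09:15:03 DROP in tcp 198.51.100.7:40004 -> 192.168.1.10:80
2004-03-01T09:15:04 DROP in tcp 198.51.100.7:40005 -> 192.168.1.10:110
2004-03-01T09:15:04 DROP in tcp 198.51.100.7:40006 -> 192.168.1.10:143
2004-03-01T09:15:05 DROP in udp 198.51.100.7:40007 -> 192.168.1.10:161
2004-03-01T09:15:09 ACCEPT in tcp 198.51.100.7:40008 -> 192.168.1.25:25
2004-03-01T09:16:30 ACCEPT out tcp 192.168.1.12:51000 -> 203.0.113.5:80
2004-03-01T09:16:31 ACCEPT in tcp 203.0.113.5:80 -> 192.168.1.12:51000
2004-03-01T09:17:00 DROP in tcp 203.0.113.9:33000 -> 192.168.1.10:23
this line is corrupt and will not parse
"""


def parse_line(line: str) -> Optional[dict]:
    """Return the fields of one log line, or None if it does not match the format."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
    return rec


def analyse(log_text: str, scan_threshold: int = 5) -> dict:
    """Summarise inbound activity: who is being blocked, who looks like a port
    scanner, and which scanners nevertheless had a connection accepted."""
    drops = defaultdict(int)         # dropped inbound packets per source
    ports = defaultdict(set)         # distinct destination ports probed per source
    accepted = defaultdict(set)      # (dst, port) accepted inbound per source
    unparsed = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            unparsed += 1                      # an unknown format is itself worth a look
            continue
        if rec["dir"] != "in":
            continue
        if rec["action"] == "DROP":
            drops[rec["src"]] += 1
            ports[rec["src"]].add(rec["dport"])
        else:
            accepted[rec["src"]].add((rec["dst"], rec["dport"]))
    scanners = sorted(src for src, p in ports.items() if len(p) >= scan_threshold)
    return {
        "drops_by_source": dict(drops),
        "scanners": scanners,
        "probed_then_accepted": {s: sorted(accepted[s]) for s in scanners if s in accepted},
        "unparsed_lines": unparsed,
    }


if __name__ == "__main__":
    for key, value in analyse(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

In the sample, 198.51.100.7 tries seven different services on one workstation and then opens an accepted connection to the mail server. The accepted connection is legitimate as far as the rules are concerned, but seen together with the scan it is exactly the "unusual activity" worth looking into, and the mail server's own logs for that time are the next thing to check. A single blocked packet, as from 203.0.113.9, is normal background noise on any Internet connection.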

If you find you are being attacked, a utility such as tracert (on Windows) or traceroute (on Unix systems) will show the route packets take to the address the attack appears to come from. Bear in mind, though, that source addresses can be forged, as noted above under spoofing, so the address in your logs may not be the real origin. Keep the relevant firewall log entries and report the attack, with those logs, to your ISP, which is in a position to trace the traffic further upstream.