Firewall for Intranet Security

Abstract

At present, there are many commercial and noncommercial firewalls available in the market. Some of them are Squid Firewall for Unix environment, Raptor Firewall, Tunix Firewall, Security Firewall, and Trustix Firewall for Linux operating system. Squid Firewall is the generally available open source firewall. It works on Unix platform. This firewall had good features like Hypertext Transfer Protocol caching. The architectural design, documentation, and the source code of this firewall are available freely. Nowadays, one can get this firewall from installation package of Linux operating system or from downloading from the Internet, free of cost. Thus it saves the developing cost, but since this firewall is easily available with the full source code and documentation, one can easily understand the design architecture and working policies of the firewall and can make the holes in the firewall. This firewall does not provide the data compression facility for data files stored in cache. Raptor Firewall is the commercial firewall. The Raptor Firewall works on the Windows NT operating system. This firewall creates the log file for incoming and outgoing data but not maintain the backup copy of that data. As this is a commercial firewall, the cost of this firewall is too high, and the maintenance cost is also much. So this firewall is suitable only for large-scale organizations. This firewall does not provide facility of data compression on the behalf of the web server. This Security Firewall is developed by the eEye Digital Security as the first-ever IIS application firewall. This is also a commercial firewall. This firewall provides the log file facility for incoming/outgoing data. But this firewall does not have facility for providing backup copy of data sent out or in through the firewall. The purchase cost and the maintenance cost of this firewall are too high, so they are not useful for small organizations and corporate offices. This firewall does not provide the data compression facility over Hypertext Transfer Protocol which the web server provides. Trustix Firewall is another commercial firewall. This firewall operates on the Linux operating system. Basically this firewall uses Squid proxy server adding to its own features. The cost of Trustix Firewall is about USD 1000, and maintenance cost is also high. This firewall also is not providing Hypertext Transfer Protocol data compression facility. This firewall maintains the log files for every incoming and outgoing request/response, but it does not keep the backup copy of actual data sent out from intranet. Thus considering initial and maintenance cost, this firewall is not suitable for small organizations, corporate offices, colleges, etc. Tunix Firewall is a commercial firewall. It provides basic features of the firewall, but due to high cost of purchase and maintenance, it is difficult for small corporate organizations to use the firewall for their networks. This firewall also does not keep the backup copy of incoming and outgoing data at the proxy server. It only maintains the log file with IP address of source and destination, name of requested file, and the time of service. Also this firewall does not have facility for Hypertext Transfer Protocol data compression. The various drawbacks of the above firewalls motivate us to implement the application firewall to achieve the following benefits. Although many firewalls are available in the market, some organizations want to build the firewall from scratch with their own design and implementations. This knowledge may not exist in-house with a vendor-supported firewall. In deciding whether to purchase or build a firewall, the organization first gets the requirements and then sees if it has sufficient resources to build and test the firewall. Prepare the cost analysis for building the firewall, and compare it with cost of commercial firewalls. The organization, after requirement analysis and cost analysis, decided to build a firewall. It requires additional features like backup copy of data at proxy server, data compression at proxy server, scanning for virus, etc. To fulfill all these requirements of the organization, we started to design and implement the application firewall having additional features along with the common features. The paper organized as below proposed model of implementation of firewall using data mining technique.