Research Proposal on Network Firewall Optimisation

Introduction

The world has embraced and adopted technology as the back born and the driver of enterprises, governments, and small business. Many organization has implemented a paperless system where computers and mobile phones are used to run the entire company processes. However, most the networks have experienced attempted attacks, and some have been successful resulting in catastrophic consequences (Goralski 700). Most of the existing firewalls are expensive, solve limited network problems and needs a certified network technician to run and manage them. The research document proposes a comprehensive network firewall system that has a friendly user interface, easy to use for non-technical users, affordable and solves most the problem of external network attacks from unauthorized users.

Background

A network firewall is a device that is used to prevent and protect the LAN from external intrusions and attacks ("Anti-virus solution for network firewalls" 6). It is placed between the WAN and the local area network. All the communication between the public internet and the local network area monitored and filtered according to the policies of the organization ("Computer networks, the journal, and computer networks, the technology" 100). The unauthorized network traffic is dropped by the firewall preventing any illegal access. The firewall has a list of rules that control the network access. Based on the rules, only the specified network traffic is allowed into the local network from the public internet and out of the local system to the open internet ("Crime and security network" 4).

There are four types of firewalls which include, packet filtering firewall. The firewall filters network packet from the internet and the local network based on the set rules. The packet content is analyzed and allowed to progress if and only if, the material meets the policy requirements ("Firewalls under fire" 3).

Stateful inspections firewalls is another type of firewall. The application communicates with each other using network ports. Some of the applications that use TCP protocol for communication must be allowed access through the firewall, therefore, bypassing the packet filtering firewall. However, the stateful inspections firewall can filter the TCP connection that the packet firewall cant.

Application level gateway is a type of firewall that analyzes the network security policy at the application level. The application is scrutinized to meet the security requirement. Circuit-level gateway is the fourth type of firewall. The firewall creates a proxy between the local and public network. There is no direct connection between two end systems. The local system has to be connected and filtered through the proxy before allowed to access the public network and vice versa ("Firewalls" 290).

Problem statement

The proposal seeks to offer the solution to two areas that make current firewalls complicated and difficult to configure and implement (Goralski 800). The first part is the user interface. Most of the existing firewall is managed through a command line interface. Users who are not certified or knowledgeable in command line functionality will not be able to implement the firewall system fully. The proposed firewall will have a graphical user interface that allows the users who are computer literate but are not certified firewall administrators to configure the system. The system will have guidelines and the brief description of what every function achieves when implemented. The project aims at offering security solutions to home and small office users who are always at the risk of attacks from the public internet. Most these small offices and home users cannot afford current firewalls due to the cost implications.

The second proposed function is the integration of the firewall types in one system. Most of the current firewalls offer only one solution, therefore for an all-around protection, one has to procure four firewalls ("Information technology. Security techniques. IT network security" 30). Four firewalls require experts in different fields to manage and configure them correctly. Integrating the firewalls functions so that one firewall performs four functions cuts on cost and the bulkiness of the firewall devices.

Sub problems

The research found out that most small users dont understand the different firewalls that are available and the solution they offer. The study proposes to provide a solution by creating a portal where users can post their current security concern. The portal will suggest different solution tagged with the price and available functionality. Users who are not aware of the potential threats that they are facing can also visit the portal. A detailed description of all the risks and the particular solution available will be listed on the portal. The threats will be listed in order of severity with the severity level marked. The most severe warnings will be marked in red while the least grave will be marked in grey.

Research questions

The research is to find out how small office and home users manage their network. The items will be addressed to them.

1. Do you have a firewall?

2. Have you ever experienced a system attack?

3. How do you protect yourself against the network attack?

Delimitations

The research will not involve corporate or large organizations networks. The reason for the choice is because most of them have elaborate firewall systems already put in place. They have in-house administrators who are certified and accurately manage and maintain the firewalls. The cost implication is not a factor, and they are already aware of the network risks available. Most of the small office and home users are the ones who are unaware of the risks involved in exposing their local network to the public internet.

Definition of terms

Firewall: A device or software that filters traffic between the local network and the internet ("Maximize multiple firewalls" 5).

TCP: A transmission control protocol that allows specific application on the network to communicate and exchange data ("Integrated network security products" 4).

LAN: Local Area Network is an internal network that spans within a building ("Network Interconnections" 368).

WAN: Wide Area Network is an external network that spans across different regions ("Network Security goes online" 8).

Assumptions

The project assumes that most of the cooperate networks have firewalls that are appropriately configured have in-house networks engineers who are always monitoring and managing the firewalls. The cost is not a factor when large organizations need to procure a firewall. The second assumption is that most computer literate small office and home users dont know the risk involved in accessing the public internet without a correctly configured firewall. Most home users dont know where to get the firewalls. Small office users cannot set the current firewall which is sophisticated and are configured via a command line interface.

Importance of study

The research will offer solutions to the users who are not aware of the risk involved in exposing their LAN to the public internet. The users who are aware of the dangers but dont know how to resolve it will have a breakthrough in the research. The research will cut on the cost of procuring a firewall device and make it easier to use. The study will also create awareness of what a firewall can and cannot do. The users will understand that a firewall cannot protect the LAN against attacks that are executed from within. Attacks that result from installing malicious programs from the internal networks cannot be prevented by the network firewall.

Literature review

Over the years the network has been growing and expanding in both the LAN and WAN ("Network security assessment tool" 5). Network traffic has been on the rise exponentially. The result of the growth is more dependency on technology and computer systems in running the home and large organizations daily task. The computer system can be accessed via mobile devices and wearables. Voice, text, and video are now transmitted over the network to the public internet ("Network Security Plus" 6). The use of the internet to run business processes has encouraged malicious users to intercept or sabotage systems and networks. The internet users are exposed to attacks that are always targeting unsecured networks (Perez 217). Therefore, firewalls were designed to protect the LANs. The firewalls have characteristics that make them the best solution to external attacks ("Reworking Your Firewalls" 18). Firewalls use different methods to protect the network. Some of the techniques are, limiting the service that a LAN can access over the internet. The firewall can be configured so that only the verified and non-malicious service from credible sources are allowed to get through to the internal network (Schultz 9). Another control method is permitting specific users on the internal network to access particular services on the internet. The other way of managing network security is controlling the level of access a particular service on the internet can have on a network system. The firewall can allow a service to access the network but under limited read and write permissions. The reason for these measures is to prevent malicious services and programs from accessing the network and gives the network administrator network control. Some of the firewall characteristics are, all the network communications and traffic to the internet and from the internet must be analyzed and filtered through the firewall (Touch 115). The firewall works with the security policy and rules of managing the inbound and outbound traffic and cannot be penetrated without the required access security credentials ("Unix network security" 3).

Methodology

The research method will be questioners and the use of literature review. The questioners will target small office users. There will be an extensive literature review of the previous work that relates to the proposed project and the gap that exists with the current systems.

Sampling

The target users will be selected randomly within a specific region. The selected area will be populated by both corporate users and the small office users.

Analysis and statistical techniques

The data will be analyzed and represented using bar graphs and pie charts.

Outline of study

Steps to be taken The project to start with problem identification. The problem will be initially identified through the current systems and the previous academic work. The second step will be recognizing the target group regions. The third step will be drafting the questioners and issuing them to the target group. The third level will be collecting the questioners and analyzing the data.

Timeline

The project is estimated to take a total of eight months. Two months will involve problem identification, and the target group will be identified in two months, the drafting and issuing of questioner will take a month and the collection of the questioners and analyzing the data will take three months.

Budget

The project is estimated cost a total of $2000. The amount will cover accommodation...