There are a few observations worth making about firewalls at a very
general level. Firstly, a firewall is a leverage-increasing device from
a network management point of view. Rather than looking at it as ``all
eggs in one basket,'' it can also be viewed as a trustworthy basket,
and a single point from which a very important security system can be
controlled. The size of the zone of risk is crucial to the design; if
it is small, security can be maintained and controlled easily but if
security is compromised, the damage can be more severe. The ideal would
be to have such strong host-based security that a firewall would be
redundant. Systems administration costs and a hard dose of reality
prevents this ideal from being obtainable.
A second important aspect of firewall building is that it is not something to undertake in a vacuum. Many sites are connected with a simple firewall consisting of a screening router and nothing more because someone told them that it was ``secure enough.'' In setting up a firewall one must trade off time and money, security, and risk. ``Secure enough'' depends largely on what you risk losing. Finally, it is important when approaching implementing a firewall to avoid the urge to start from scratch. System security is a lot like pregnancy; one is seldom only broken into a little bit, and it only takes a little mistake or a moment of inattention to find oneself in a delicate position. Leaning on the experiences of others, and learning from their mistakes and successes is very important. Setting up a firewall is definitely an area where having a wide background in experience to draw upon is important. The vandals on the network have a wide background in experience to draw upon as well, and a firewall administrator must communicate with others, and must keep up to date on other firewall-related happenings on the network. Static defenses do not work unless they keep up with emerging tricks of the trade, or one's firewall may be the next Maginot Line.