Part 3: Designing, Implementing & Maintaining the Solution
Conceptual Design:
When implementing the distributed database, kernel loaded software will be installed on every client machine on the network. Every time an individual client machine is powered on, the distributed database will be powered on and begin filtering incoming traffic into every client machine (Özsu & Valduriez, 2011). This is a very important part of the process as it gives the advantages over the traditional firewalls. Traditional firewalls are implemented on the boundary of an internal network and an external network such as the internet. The firewalls treat the external network as risky while considering the internal network safe (Kizza, 2015). This means that although the firewall is efficient in protecting against external threats, it is powerless when harmful traffic originates from within the network. The distributed firewall, which sits on every client machine on the network, treats each client machine as a network. Any traffic coming to the client machine is considered to be external traffic and therefore risky whether originating from the internal network or from the internet.
Logical Design:
Typically, installation of a distributed firewall will take place at the kernel level of the client server. Any time the client machine powers on; the distributed firewall is loaded and becomes active. It is therefore able to filter all the traffic getting into the machine before application level. This is very important because location at the kernel level ensures that it is difficult to bypass the firewall. If the firewall were implemented on the application level for example, harmful traffic would be able to get access to the client machine and cause problems before being detected. For example, many harmful software is designed to target the operating system and corrupt files in the operating system. Since the operating system provides the interface between the hardware components of a machine and the software, if the operating system is compromised, the firewall at the application level would not be able to prevent the traffic from causing harm.
Physical Design:
The distributed firewall requires implementation at every client machine. This means that the design of the network does not need to be changed. Typically, a distributed firewall finds use in conjunction with a normal firewall for added security. Say for example an internal network that is a designed in a star topology there is network server will act as the hub for the network. Individual client machines connect to the hub and act as the nodes. In such as design, the network administrator implements a typical firewall at the network server level. This will filter out traffic getting into the internal network from the internet. Additionally, a distributed firewall requires installation in every client machine in the network. These will filter traffic coming into the client machine regardless of where it originates. This provides an added layer of security in case the external firewall missed any harmful traffic or if the harmful traffic originated from within the logical boundaries of the network (Peterson & Davie, 2011).
Phase 4: Implementation Phase
The distributed firewall is most effective when used in combination with a normal firewall. It is also effective when it is present on all the client machines in a network. This is because if one machine in the network lacks protection, it becomes a weak point in the network and compromises the security of the whole network. Therefore, any means of implementing the distributed firewall apart from a direct changeover will not be suitable. This is because the other methods of implementing the change like a parallel or pilot conversion will not result in all the client machines being installed with the distributed firewall (Rahimi & Haug, 2010). When some machines in the network have a distributed database while others do not have it, the network resources are still at risk apart from resources stored directly in machines that have the firewall installed. However, many networks work with the principle of load sharing and replication and therefore most resources of the network are likely to be accessible in any client machine. This means that the entire network is at risk. During the changeover, all the client machines in the network are going to have the distributed firewall installed at the same time. During this time, some network resources might not be available as the client machines will need to turn off as the distributed firewall works at the kernel level (Rahimi & Haug, 2010).
After installation of the distributed firewall on all the client machines, it requires testing in an effort to ensure that it is working properly. The network administrator will configure the firewall either centrally or on each individual machine. The network administrator will then test the firewall to ensure that it is working as expected. This is a very important part of implementation. Testing ensures that any problems are identified early and resolved (Kizza, 2015). For example, if the firewall settings are too strict, it is likely to reject even useful incoming traffic. However if the firewall is implemented in a client machine with very confidential material, the firewall can be configured to only accept connections from specified trusted sources. Configuring the distributed firewall is therefore a very crucial part of implementation. A poorly configured firewall is as good as having no firewall at all.
Phase 5: Operations and Maintenance Support Phase:
The distributed firewall needs constant maintenance and monitoring. This is very important. A firewall is not able to detect harmful traffic on its own. It requires configuration for it to function properly. The consequences of an improperly configured firewall are that it will either accept all incoming traffic or reject all incoming traffic. This defeats the purpose of the firewall. The network administrator is responsible for configuring the firewall. They ensure proper configuration to accept all necessary incoming traffic while blocking untrusted traffic (Peterson & Davie, 2011). This requires the network administrator to be aware of trusted sources and untrusted sources. Typically, firewalls work with lists of trusted sources. Incoming traffic is compared against this list. If it appears on this list, it is considered safe and therefore allowed to proceed to the network. If the traffic appears to originate from a source not on the trusted list, it lacks entry into the network (Peterson & Davie, 2011).
These lists change all the time and part of maintaining the firewall includes updating this list to ensure that trusted traffic is not blocked. Finally, monitoring the network is part of maintaining the distributed firewall. The network administrator needs to monitor traffic coming into the network constantly. Sometimes, untrusted traffic may appear on trusted lists and vice versa (Peterson & Davie, 2011). The network administrator has tools to monitor traffic in the network and determine its source and importance. This means that they can edit the lists that the firewall uses to ensure that only trusted connections happen in the internal network.
References:
Kizza, J. M. (2015). Guide to computer network security. London: Springer
Özsu, M. T., & Valduriez, P. (2011). Principles of distributed database systems. New York: Springer Science+Business Media.
Peterson, L. L., & Davie, B. S. (2011). Computer networks: A systems approach. Burlington: Elsevier Science.
Rahimi, S., & Haug, F. S. (2010). Distributed database management systems: A practical approach. Los Alamitos, CA: IEEE Computer Society
