Understanding Network Security Zones
Security is an important consideration with any network. Some areas of a network are more vulnerable to attacks than other areas. This increased risk requires increased security. Different areas of a network are categorized into zones, with each zone requiring a different level of security.
The Internet is the riskiest zone. Internal networks, or intranets, are the safest. Between these two, you can create perimeter networks as a buffer zone. One of the primary methods of separating the zones is with firewalls. This chapter covers these different zones and provides some information on firewalls in general and Microsoft firewalls in particular.
Understanding risks on the Internet
Exploring an intranet
Identifying a perimeter network
Understanding Risks on the Internet
I'm betting you've used the Internet once or twice, but it's still worth mentioning here. It's the largest network
in the world and continues to grow by leaps and bounds with no end in sight.
Several things have been mentioned about the Internet throughout this topic, and it's worth consolidating
them here in the context of network security zones:
The Internet Is the Riskiest Security Zone: Attackers from anywhere in the world can attack computers on the Internet, and they do. In 2009 and 2010, malware authors created 20 million new strains of malicious software (an average of 63,000 a day). Infected systems join massive botnets and participate in attacks on other computers.
All Internet Addresses Are Public: Internet Protocol (IP) addresses used on the Internet are public IP addresses. In other words, they are accessible from any other computer with access to the Internet. In comparison, IP addresses on internal networks are private.
The Internet Is TCP/IP Based: The TCP/IP protocol suite is the standard used on the Internet. Most internal networks use the same TCP/IP protocol suite for easy interaction on the Internet.
The World Wide Web (WWW) Travels Over the Internet: The primary protocol used to transfer web pages is the Hypertext Transfer Protocol (HTTP). Note that the WWW isn't the Internet. Rather, you can think of the WWW like a semitruck delivering goods and the Internet as the highway that the truck travels on. Other protocols traveling over the Internet include the File Transfer Protocol (FTP) and Simple Mail Transfer Protocol (SMTP).
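The public/private address distinction and the three-zone model described above can be checked against firewall flow records. The following is an added example, not code from the original chapter; the zone subnets, the function names, and the sample flows are assumptions constructed for illustration.

```python
import ipaddress

# Assumed zone layout (illustrative, not from the chapter): the perimeter
# network and the intranet each use a private (RFC 1918) address range.
ZONES = {
    "perimeter": ipaddress.ip_network("192.168.10.0/24"),
    "intranet": ipaddress.ip_network("10.0.0.0/8"),
}

def zone_of(addr):
    """Map an IP address string to a security zone name."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    # Public (globally routable) addresses belong to the Internet zone.
    if ip.is_global:
        return "internet"
    # Loopback, link-local, or private ranges not assigned to a zone here.
    return "unknown"

def inbound_internet_to_intranet(flows):
    """Return flows that enter the intranet straight from the Internet,
    skipping the perimeter network that should sit between them."""
    flagged = []
    for src, dst, port in flows:
        if zone_of(src) == "internet" and zone_of(dst) == "intranet":
            flagged.append((src, dst, port))
    return flagged

# Constructed sample flows: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("8.8.8.8", "192.168.10.5", 80),      # Internet -> perimeter
    ("192.168.10.5", "10.1.2.3", 1433),   # perimeter -> intranet
    ("8.8.4.4", "10.1.2.3", 3389),        # Internet -> intranet directly
    ("10.1.2.3", "10.4.5.6", 445),        # intranet -> intranet
]

if __name__ == "__main__":
    for flow in inbound_internet_to_intranet(SAMPLE_FLOWS):
        print("inbound flow bypasses the perimeter:", flow)
```

A flagged flow means a firewall rule lets Internet traffic reach an internal host without passing through the buffer zone, which is the rule to review first.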