PEM counters the threat of interception or tampering with a message stream in electronic mail. Although that is a significant concern, there is limited use of electronic mail for sensitive communication. More significant is the threat that an intruder would penetrate a system connected to the Internet. This threat is more significant for two reasons: an electronic message contains very little data, usually only hundreds or thousands of bytes, whereas a network. may be unaware of the threat to all stored data. Thus, protection of network-connected resources is very important.
The simplest form of protection of sensitive resources is not to connect them to any system accessible from outside the organization's security perimeter. Physical isolation is totally effective against outside attack, but many users need, and more want, access to the outside.
In the worst case, a user will buy an inexpensive modem and connect it to a LAN-connected workstation to link to the outside. This practice is harmful because the security staff does not even know of the modem, so they cannot control it or educate the user about how to limit the exposure or build defenses for other resources connected to the maverick user.
Ideally, we want a filter that will let through only desirable interactions. Two problems of controlling access are determining what constitutes desirable (or not desirable) interactions, and permitting desirable interactions, blocking the others, and not interfering too severely with users' operations (to keep users from buying their own modems and defeating the purpose of the filter). The model is like a defensive medieval castle: these castles had strong and solid walls with slits through which archers could shoot arrows. These slits were so narrow that it was almost impossible to shoot an arrow through them from the outside. This kind of computer defense is called a firewall.
Duty of firewalls