Network security options

To protect your internal resources, choose the appropriate network level security measures.

When connecting to an untrusted network, your security policy must describe a comprehensive security scheme, including the security measures that you will put into effect at the network level. Installing a firewall is one of the best means of deploying a comprehensive set of network security measures.

Your Internet Service Provider (ISP) can provide an important element in your network security plan. Your network security scheme should outline what security measures your ISP will provide, such as filtering rules for the ISP router connection and public Domain Name System (DNS) precautions.

Although a firewall certainly represents one of your main lines of defense in your total security plan, it should not be your only line of defense. Because potential Internet security risks can occur at a variety of levels, you need to set up security measures that provide multiple layers of defense against these risks.

Consider using a firewall product as your main line of defense whenever you connect your system or your internal network to the Internet. Although you can no longer purchase the IBM® Firewall for the i5/OS product and support for the product is no longer available, there are a number of other products that you can use.

Because commercial firewall products provide a full range of network security technologies, the JKL Toy Company chooses one to protect their network. Because the firewall that they choose does not protect their operating system, they add the additional security feature that comes from using the i5/OS packet rules. This allows them to create filter and NAT rules to control traffic for the Internet server.