It is one of the old security adages that the nature of the threats to networks are ever-changing. Today they encompass physical threats (theft of computers), technical (viruses), resource (loss of computing power, bandwidth overload), legal (illegal data on corporate networks), human resources, information loss and employee time-wasting.

Each is a threat that needs to be considered separately. But the most significant change to network security for years has just materialised, and it means that firewalls need a complementary gateway barrier if defence against invasions via Web traffic is to be effective.

Ten years ago, when corporate networks largely consisted of internal data traffic handled by bridges, hubs, and LAN switches, with routers managing what limited Internet access there was, the firewall symbolised a gleaming piece of state-of-the-art 'machinery', capable of identifying and tackling any external threat.

Things have changed. The ubiquity of Internet access within the modern enterprise is such that Web traffic levels are increasing daily, and so are the security threats that this brings with it.


This does not mean, though, that the firewall has been made redundant - far from it. In fact the very real security concerns facing businesses today are such that the firewall is more vital than ever. But separate appliances, allied with firewalls in a co-ordinated defence system, are required to tackle the emergence of a new loophole - port 80, over which the vast majority of Web traffic flows, and is subjected to only very basic checks.

Airport Sophistication Needed

The situation facing IT departments is uncannily similar to that facing the fledgling airlines and airports - and indeed the passengers using them - when air travel first emerged as a popular phenomenon. Then, arrive at the airport with a passport and the right ticket and you were directed to the right aircraft While the same is true today, the overall system has been tightened somewhat.

Even the least comprehensive of airport security systems for departing passengers will perform basic questioning at check-in. But it will also have security staff patrolling the check-in areas looking for suspicious behaviour, weighing and x-raying of hold baggage, x-raying of cabin baggage and possible body searching, metal detector checks for passengers, plus further questions and scrutiny at the gate and all areas of the airport constantly monitored by closed-circuit television for anything untoward. At the destination, sniffer dogs check baggage once more and immigration checks and further x-raying of baggage is undertaken. Depending on the route and the customer, different numbers and types of checks are undertaken.