Скачать в pdf «Network+»

The Secure Sockets Layer (SSL) security protocol was developed by Netscape for integration into its Navigator browser. SSL is based on RSA public key encryption, and is used to provide secure Session layer connections over the Internet. It is service-independent, so many different network applications can be secured using SSL. The HTTP Secure (HTTPS) protocol is based on SSL. Eventually, SSL was merged with other Transport layer security protocols by the IETF to form a new protocol called Transport Layer Security (TLS).


Kerberos is not just a protocol, but an entire security system. Created at MIT, it establishes a user’s identity when they first log on to a system that uses Kerberos. That identity and its security credentials are then used throughout an entire logon session. It uses strong encryption to encrypt all transactions and communication. This encryption is freely available, and the source code for it can be freely downloaded from many different sites on the Internet.

Comparing Firewall Operating System Platforms

Most firewalls are implemented as a combination of hardware and software. The hardware is typically a server-class machine. The software is usually specially written and sits on top of an NOS. Firewalls are typically dedicated computers (that is, they don’t do file/print serving or perform any other network function).

Let’s briefly look at each of the four major network operating systems and how each implements a firewall.

Remember that in addition to firewall software, you need at least two NICs (some firewall products use three) to have a functional firewall.

The Unix Operating System

Unix is the NOS on which the Internet is based and, as such, is also the NOS on which firewalls are based. In Unix, you can unload and lock down individual services. This means that you can configure a Unix server so that only the firewall service is up and running. Proponents of Unix argue that it is more secure than other operating systems because nonessential services can be removed, though knowledgeable Microsoft or Novell administrators can do the same with Windows and NetWare.

Скачать в pdf «Network+»