The Dolphinwall Firewall program is ahead of the firewalls currently in use, focusing on the increasingly important goal of company security. The function of a firewall is not just to block connections by IP address and port, but also to guarantee real-time protection.
"Protection" means providing four different functions:
 
  • Stateful Inspector function. It checks the IP address, the port and the protocol of the packets passing through the firewall. It determines whether a specific packet belongs to an authorized stream and whether its size and checksum are correct.
    Today almost all firewalls support this function.
     

  • IDS function. It blocks a packet containing a possible attack in real time. Consider, for example, an HTTP request that exploits a hole in the WWW server. Stateful inspection alone lets it pass because the packet is valid at the IP/port level.
    If a packet, or a data stream split across several packets, contains any kind of attack, the packet will be blocked and the connection will be closed without damage being done. Currently 8 MBits of data can be analysed at the same time on WWW traffic with an MTU of 1500 bytes. This equals almost 3000 simultaneous connections.
    Sometimes an IDS separate from the firewall is inserted into the network. It warns the administrator of the intrusion. Such a warning, however, turns out to be one of the following:
    1. Late. The damage has already been done.
    2. Deceptive. The system administrator may block authorized users' access to the WWW server with a firewall rule.
    3. Dangerous. The system is considered safe. It provides access solely to the users allowed by us and it warns about possible problems.
      A hacker simply needs to set up a trojan program and his attack succeeds in a few seconds. This program exploits a fault in the software and, because it connects to the outside, the hacker gets a bidirectional channel with the server. The program's traffic is treated as legitimate because it is deemed outgoing traffic: it comes from the internal WWW server and goes outside.

  • Proxy HTTP and antivirus function. It checks HTML pages downloaded from the Internet before they are displayed in the company's internal browsers. (*)

  • Proxy SMTP and antivirus function. It checks e-mails before they are displayed in the company's internal e-mail clients. (*)
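
The stream-membership check from the Stateful Inspector item, applied to the server-initiated outgoing connection described under "Dangerous", as an added Python example that is not Dolphinwall code. The addresses, the single allow rule and the default-deny on new connections opened by the server are assumptions chosen for illustration.

```python
from dataclasses import dataclass

WEB_SERVER = "192.0.2.10"  # constructed address (documentation range)
# Assumed policy: outside hosts may open TCP connections to the WWW server on port 80.
ALLOW_NEW = {("tcp", WEB_SERVER, 80)}

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # set on the first packet of a TCP connection
    ack: bool = False

class FlowTable:
    """Tracks authorized streams by their 5-tuple, in both directions."""
    def __init__(self):
        self.flows = set()

    def verdict(self, p):
        fwd = (p.proto, p.src, p.sport, p.dst, p.dport)
        rev = (p.proto, p.dst, p.dport, p.src, p.sport)
        # A packet of a known stream (either direction) is accepted.
        if fwd in self.flows or rev in self.flows:
            return "accept-established"
        # A new stream is created only by a pure SYN that matches an allow rule.
        if p.syn and not p.ack and (p.proto, p.dst, p.dport) in ALLOW_NEW:
            self.flows.add(fwd)
            return "accept-new"
        # Everything else, including connections opened by the server, is dropped.
        return "drop"

# Constructed traffic: one normal web session, then a connection opened by the server.
SAMPLE = [
    Packet("tcp", "198.51.100.7", 40000, WEB_SERVER, 80, syn=True),
    Packet("tcp", WEB_SERVER, 80, "198.51.100.7", 40000, syn=True, ack=True),
    Packet("tcp", "198.51.100.7", 40000, WEB_SERVER, 80, ack=True),
    Packet("tcp", WEB_SERVER, 33000, "203.0.113.5", 8443, syn=True),  # server-initiated
    Packet("tcp", "203.0.113.5", 8443, WEB_SERVER, 33000, syn=True, ack=True),
    Packet("tcp", "198.51.100.9", 41000, WEB_SERVER, 80, ack=True),  # no prior SYN
]

def run(sample):
    table = FlowTable()
    return [table.verdict(p) for p in sample]

if __name__ == "__main__":
    for pkt, result in zip(SAMPLE, run(SAMPLE)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}  {result}")
```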

 
The Dolphinwall firewall is installed in two configurations:
  • firewall/central manager
  • peripheral firewall
In the first case you need the firewall program and an HTTPS server. This server allows configuration of both the central point and the peripheral ones. The central point needs at least a PIII 500 computer, 128 RAM, a hard disk and two network cards. The peripheral points, on the other hand, need at least a PIII 500 computer, 128 RAM and two network cards.
The firewall runs entirely from CD-ROM. In addition, you can use a USB pen drive to back up the configuration. This firewall can therefore also be installed by users who don't have specific knowledge.
 
 
(*) Additional modules.