1. SECURITY
Firewalls & Anti-Virus
SYNOPSIS
A review of security devicesfor your PC and
network. Covering the various types of
firewall and anti-virus programs available, a
brief history of these devices and the costs
involved with implementing these security
solutions.
Jordan Hyman 20109461
Computer System Fundamentals
3. JORDAN HYMAN 20109461
9/25/15
SECURITY
1
Definitions
Firewall
A firewall can either be hardware (A physical device attached to the front of your
network) or software (A programinstalled locally on your machine).
The differences between a hardware and software firewall are that a hardware
firewall providea protectivebarrier that hides an organisations internal IP addresses
and PC’s fromthe outside world and they can also protect one company
department from another. Softwarefirewallson the other hand can only provide a
protective barrier on the machine they are installed on and not the entire network.
A firewall is designed to block unauthorized access whilestill permitting outward
communication, hardware firewalls can be built into routers or can be standalone
units.
Anti-Virus
Anti-virus software is installed locally on your machine and it is designed to detect
and destroy computer viruses, it works by continuous monitoring and detection to
prevent an infection and if an infection is found it remediates the problem.
History
Firewalls
The first network firewalls appeared in the late 1980s and were routersused to
separate a network into smaller LANs, firewalls like this wereput in place to limit
problems fromone LAN spilling over and affecting the wholenetwork. The first
security firewalls were used in the early 1990s. They wereI Prouters with filtering rules,
these firewalls were effective, but limited with very simple filtering rulessuch as if “x”
comes from “y” allow or if “x” comes from “y” deny. The next security firewalls were
more elaborate and more tuneable. Probably the first commercial firewall of this
type, using filters and application gateways (proxies), was fromDigital Equipment
Corporation, and was based on the DEC corporate firewall. Brian Reid and the
engineering teamat DEC's Network Systems Lab in Palo Alto originally invented the
DEC firewall. On October 1, 1993, the Trusted Information Systems (TIS) Firewall Toolkit
(FWTK) was released in sourcecode formto the Internet community. It provided the
basis for TIS' commercial firewall product, later named Gauntlet. The FWTK is still in
use by experimenters, as well as government and industry, as a basis for their Internet
security. In 1994, Check Point followed with the Firewall-1 product, introducing "user
friendliness" to the world of Internet security. The firewallsbeforeFirewall-1 required
editing of ASCII files with ASCII editors. Check Point introduced icons, colours, and a
mouse-driven, X11 based configuration and management interface, greatly
simplifying fire-wall installation and administration.Page
4. JORDAN HYMAN 20109461
9/25/15
SECURITY
2
Anti-Virus
Most of the computer viruses written in the early and mid-1980s were limited to self-
reproduction and had no specific damage routine built into the code. That
changed when more and more programmers became acquainted with virus
programming and created virusesthat manipulated or even destroyed data on
infected computers. There are competing claims for the innovator of the first
antivirus product. Possibly the first publicly documented removal of a computer virus
in the wild was performed by Bernd Fix in 1987. There werealso twoantivirus
applications for the Atari ST platform developed in 1987. The first one was G Data
and second was UVK 2000. Fred Cohen, who published one of the first academic
papers on computer viruses in 1984, began to develop strategies for antivirus
softwarein 1988 that werepicked up and continued by later antivirus software
developers. In 1987, he published a demonstration that there is no algorithmthat
can perfectly detect all possible viruses. In 1987 the first two heuristic antivirus utilities
were released: Flushot Plus by Ross Greenberg and Anti4us by Erwin Lanting, and
then in 1988 a mailing list named VIRUS-L was started on the BITNET/EARN network
where new viruses and the possibilities of detecting and eliminating viruseswere
discussed. Some members of this mailing list like John McAfeeor Eugene Kaspersky
later founded software companies that developed and sold commercial antivirus
software.
Vendors
Firewall
Corporate
Vendor Solutions Offered
Checkpoint Hardware and
Software
Fortinet Hardware
Barracuda
Networks
Hardware
Cisco Hardware
Palo Alto
Networks
Hardware
Watchguard Hardware
Personal
Vendor Solution Offered
Kaspersky Software
Microsoft Software (In-built into the family of
Windows Operating Systems from
Windows XP SP2 Onwards)
5. JORDAN HYMAN 20109461
9/25/15
SECURITY
3
Comodo Software
Checkpoint
(Marketed as
ZoneAlarm)
Software
Anti-Virus
AVG
Avast
Avira
Clamwin
Comodo Group
Eset
F-Secure
Fortinet
Kaspersky
Microsoft
Panda
Symantec
Trend-Micro
Implementation Cost
Firewall
Corporate
Vendor Price Range
Checkpoint Starting from£246.90 for a Check Point
600 Appliance
Fortinet Starting from£1,023 for a Fortigate60D
Barracuda Networks Starting from$4000 for a Barracuda
Firewall X400
Cisco Starting from£224.60 for a Cisco ASA
5505
Palo Alto Networks Starting from$2000 for a PA-200
Watchguard Starting from£250.81 for a WatchGuard
Firebox T10 with 1-yr LiveSecurity
Personal
Vendor Cost License Length Product includes
Kaspersky From £35.99 for 1
PC
12 Months
(Additional lengths
available for
additional cost)
Offered as a
complete suite
encompassing
anti-virus and
firewall protection
Microsoft Free (In-Built into
the Microsoft
Windows
Operating System
6. JORDAN HYMAN 20109461
9/25/15
SECURITY
4
Family from
Windows XP SP2
Onwards)
Comodo From £33.48 for up
to 3 PCs
12 Months
(Additional lengths
available for
additional cost)
Offered as a
complete suite
encompassing
anti-virus and
firewall protection
Checkpoint
(Marketed as
ZoneAlarm)
£27.95 for 3 PCs 12 Months with
additional cost for
a 24 month license
at £50.95 as well as
various other
optional extras
such as a Backup
CD.
Offered as a
complete suite
encompassing
anti-virus and
firewall protection
or as a standalone
product
Many vendors also offer a complete suite option that encompasses both anti-virus
and firewall protection which is known as a premium or premium plus suite with
varying prices, license lengths and number of PCs and in some cases mobile devices
which can be protected.
Anti-Virus
Vendor Free
Version
Licensed Cost License Length
AVG Yes $39.99 12 Months
Avast Yes From £29.99 for 1
PC
12 Months
(Additional lengths
available for
additional cost)
Avira Yes From £29.99 for 1
PC
12 Months
(Additional lengths
available for
additional cost)
Clamwin Yes N/A N/A
Comodo
Group
Yes £16.73 12 Months
(Additional lengths
available for
additional cost)
Eset Trial From £29.99 for 1
PC
12 Months
(Additional lengths
available for
additional cost)
F-Secure No From £19.95 for 1
PC
12 Months
(Additional lengths
available for
additional cost)
Fortinet Yes N/A N/A
7. JORDAN HYMAN 20109461
9/25/15
SECURITY
5
Kaspersky Trial From £29.99 for 1
PC
12 Months
(Additional lengths
available for
additional cost)
Panda Trial From £36.29 for 1
PC
12 Months
(Additional lengths
available for
additional cost)
Symantec
(Marketed as
Norton)
Trial From £29.99 for 1
PC
12 Months
Trend-Micro Trial From $34.95 for 1
PC
12 Months
(Additional lengths
available for
additional cost)
Microsoft Add on to Microsoft Windows Family of Operating
Systems
Corporate or Enterprise Solutions are available for Anti-Virusproducts which can
either be stand-alone products installed on every machine or a distributed version
located on a centralised server and then distributed across the network for all local
devices. The cost for these solutions is dependent on which model you choose
(localised or distributed) and the number of devices requiring protection. Avast are
the only vendor who offer a free managed cloud based version of their anti-virus
softwarethat can be distributed on your network devices as well as stand-alone
based versionsof their software and Microsoft Security Essentials is available for small
businesses with up to 10 PCs if the business has more than 10 PCs then they can be
protected with Microsoft SystemCenter 2012 Endpoint Protection deployed and
managed through Microsoft SystemCentre 2012 R2 Configuration Manager which is
a self-managed cloud based version of the anti-virus software.
As well as corporatesolutions there are now mobile versions of anti-virus software
available because as the number of smart phone users has exponentially grown so
has the number of viruses specifically aimed at mobile devices increased and as
such many of the vendors listed above offer both free and premium v ersions of their
anti-virus software. Some of the listed vendors include a premiummobile protection
license with the license issued for the PC based version allowing usersto protect their
mobile devicesfromtheir computers as well as manage their deviceshould it be lost
or stolen as shown below for Avast Premiumanti-virus 2015: