16. Communication. Role play.
Job Interview.
Participants.
Staff Manager.
Candidate 1.
Candidate 2.
Top Manager.
Staff Manager. You’re interested in hiring a young and enthusiastic person. Think of your requirements and questions which will clear out the suitable candidate. Give the comments of your choice.
Candidate 1. You’ve just graduated from … university. You feel quite well-prepared theoretically for the job and have lots of plans. Think and be ready to present your advantages and ideas.
Candidate 2. You’ve got some job experience and good recommendations from your previous job. You’re very good at doing practical work. Think of the details and be ready to present your advantages.
Top Manager. You have to choose the most suitable candidate. Think of your requirements and questions to the candidates. Be ready to test their knowledge and professional skills and comment on your choice.
17. Writing. Write your cv. See Appendix 4
Unit 9. FIREWALL
Pronunciation
Make sure you pronounce the following words properly:
|
|
Memorize the terms
1. Read the following terms and their definitions and memorize them:
chart a table of filtering rules – prearrange a set of rules for packet filtering
flag – marker, indicator
information outflow – leakage of confidential information
local firewall – means of protection installed on the computer
outside hub - wiring panel located outside
packet filter – means that processes packets and doesn’t allow passing of malicious items
traffic filtering – processing and passing or blocking the information of the internet
2. Match the following words with their Russian equivalents:
|
software firewall |
функциональный уровень |
|
collapsed network |
шлюз |
|
distributed firewall |
сервер прикладного уровня |
|
functional layer |
номер порта отправителя |
|
gateway |
рухнувшая сеть |
|
application layer server |
программное средство сетевой защиты |
|
source port number |
распространяемая система защиты доступа |
3. Match the following words with their synonyms:
|
(packet) proceeding |
get, obtain |
|
relevant |
let pass |
|
flaw |
broken down |
|
gate (v) |
movement |
|
gain |
intermediary, in-between |
|
collapsed (network) |
defect |
|
mediator |
significant, meaningful |
Reading
4. Pre-reading task.
Do you use firewall? Which one?
Where are firewalls to be used?
What are the principles of their work?
What are the criteria of choosing a firewall?
5. Scan the text and mark the sentences about
- the principles of classification of firewalls;
- the most advantageous method of prevention access to undesirable internet-resources and blocking external attacks;
- how information exchange between driver and application program is realized.
T
ext
1. Personal firewall.
Problem of information security in global network is very important today because a lot of personal computers have connection to Internet. This problem can be solved by means of using personal firewall. Firewall is a system which allows dividing network by several parts, and realizing a set of rules determining conditions of information between these parts.
Firewalls can be classified by implementation as software, hardware and mixed type; or by component model as local and distributed. But classification by function layer is the most useful. Here we can determine three types of firewalls: packet filters, application layer servers and session layer gateways.
Session layer gateway represents system translating connections outside. User process connects to firewall when access is gaining. Then firewall connects to outside hub. During the work firewall duplicates incoming and outgoing information. Such system is low efficient and doesn’t grant new network services protection.
Application layer server represents mediator between user process and required service. It passes through all traffic and takes a decision about its safety according to security policy. Such firewall is also low efficient and very expensive.
Packet filtering lies in taking decision of gating or not one or another packet on basis of information about IP-address, source and destination port numbers, flags. Administrator’s task involves charting table of filtering rules. This system has high speed of packet proceeding and low cost.
But independently from type firewall must block all known attacks types. Also it must prevent information outflow if harmful code has already penetrated into computer. Control of access to internet-resources is the best way to save labour time of staff.
The most convenient way to prevent access to undesirable internet-resources and to block external attacks lies in packet filtering. Packet filter is configured to filter incoming and outgoing packets on the basis of information containing in TCP and IP headers. This technology is used because rules of filtering can be configured flexible and speed of packet processing is high. Main disadvantage of packet filter is visibility of net configuration from the internet. But this fact is not relevant for personal computer.
There are two methods of traffic filtering. First method lies in developing user application without creating network protocol driver. Such filters are simple in realization, but they don’t grant adequate protection.
Another method of traffic filtering adverts directly to core. There are several technologies in this group, but we’ve chosen TDI-filter. Such personal firewall represents packet filter and consists of driver and application program.
Driver realizes functions of Transport Data Interface (TDI) and intercepts all addresses to original TCP driver to store information about existing connections. Transport Data Interface represents unified program interface for interconnection between transport drivers (TCP driver, for example) and TDI-clients (servers, network interfaces emulators, redirectors). TDI makes TDI-clients independent from used transport protocols.
Application program reflects information about rules and packets and realizes simple user interface. This program receives information about blocked packets from driver. Information exchange between driver and application program is realized by means of standard functions of Win32 Application Programming Interface.