A consultant has recommended your organization look to increase its security pro

Question

A consultant has recommended your organization look to increase its security profile in relation to SMTP traffic. Management has asked you devise a firewall-specific strategy to address the recommendation. What strategy would you recommend, and why? Your answer should be approximately 200-250 words in length. Your organization has created a data-sharing partnership with another business. Management of both organizations has decided they want to share data between their networks via FTP. Data sharing will occur between known, existing servers on each side of the network. You have been asked to devise a firewall-specific strategy to facilitate this new connection. What strategy would you recommend, and why? Your answer should be approximately 200-250 words in length.

Explanation / Answer

Answering only 1 question as multiple questions are asked

The SMTP protocol does not use any authentication or encryption mechanism Client side sending emails can protect them using secure MIME or PGP (pretty good privacy). However, the better way of improving security of SMTP is by using SSL (secure socket layer). SMTP works on port 25 and non-SSL servers cannot connect through that port. However, the STARTTLS command allows the use of TLS (Transport Layer Security) for SMTP protocol. Microsoft Exchange Server is one application which allows the use of SSL & TLS.

So, the firewall needs the following to be implemented:

Allow only SSL traffic for SMTP so that no unencrypted data is exchanged

Allow only traffic on specific ports so that other ports are not exposed for attack

Check for SMTP packets and discard any other kind of packets to prevent attacks

Common way to protect the email exchange infrastructure is by using two firewalls. A dual firewall topology allows protection of internal Exchange servers and filters incoming e-mail against potential attacks. The area between the two firewalls is called the perimeter network (also known as DMZ or demilitarized zone).

The perimeter network is more trusted as it resides behind at least one organizational firewall and generally houses servers that can be considered “expendable.” The external firewall must have port 25 open to facilitate incoming SMTP traffic. Mail is routed to the next firewall where it is processed for viruses, checked using various spam filters, and run through various incoming transport rules. The external firewall also provides the ability to scan incoming content for viruses and spyware. Many of today’s security appliances, such as the Cisco ASA and Sonicwall’s family of firewalls, provide this additional protection.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.