94 Broker Interactions for Intra- and Inter-enterprise
Protocol firewall node
A firewall is a hardware/software system that manages the flow of information
between the Internet and an organization's private network. Firewalls can
prevent unauthorized Internet users from accessing private networks connected
to the Internet, especially intranets, and can block some virus attacks (as long as
those viruses are coming from the Internet). A firewall can separate two or more
parts of a local network to control data exchange between departments.
Components of firewalls include filters or screens, each of which controls
transmission of certain classes of traffic. Firewalls provide the first line of defense
for protecting private information, but comprehensive security systems combine
firewalls with encryption and other complementary services, such as content
filtering and intrusion detection.
Firewalls control access from a less trusted network to a more trusted network.
Traditional implementations of firewall services include:
? Screening routers (the protocol firewall)
? Application gateways (the domain firewall)
A pair of firewall nodes provides increasing levels of protection at the expense of
increasing computing resource requirements. The protocol firewall is typically
implemented as an IP router.
Domain firewall node
The domain firewall is typically implemented as a dedicated server node.
A domain firewall is usually used to separate a secure zone, such as the internal
network, from a demilitarized zone. This provides added security protection from
the un-secure zone, such as the Internet.
Partner infrastructure
Partner infrastructure includes the partner's installed applications, data,
computing, and network infrastructure. Partner infrastructure has unspecified
internal characteristics; only the means with which to interact with it are specified.
Inter-enterprise network infrastructure
Inter-enterprise network infrastructure includes the network infrastructure
allowing connectivity between enterprises. Inter-enterprise network infrastructure
has unspecified internal characteristics; only the means with which to interact
with it are specified.