Page 305 - CISSO_Prep_ Guide
• Screened host – uses both a packet-filtering router and a bastion host.
• Screened subnet – two separate packet filters.
• 3-legged firewall – DMZ.
• Firewall virtualization – use if you need VLANs.
Internet & Web Security Technologies
• SSL:
  • Record protocol – used to pass messages.
  • Handshake protocol – used to establish an SSL connection.
• Transport Layer Security (TLS) – authentication and protection.
• WTLS – TLS for cell phones, not wireless LANs.
  • Built into the stack, so you just have to turn it on.
  • Encryption & authentication.
  • Encryption stops at the gateway (SSL from the gateway to the web server) → version 1 only (but nobody uses v2 yet).
• Application-layer security protocols:
  • Secure remote procedure call (S-RPC).
  • DNSSEC.
  • S-HTTP.
  • Electronic payment schemes (SET, Ecash, net cash, Mondex, Cybercash, etc.)
Voice Over IP (VOIP)
• Easier to wiretap.