Firewalls in an OSI-environment

A firewall is a well established security measure for connecting to the Internet (TCP/IP protocol suite). Government procurement profiles for data communication products (GOSIPs Government OSI Profile) usually demand use of official international standards, as defined by the International Standards Organization (ISO). ISO has defined a framework for Open Systems Interconnection (OSI), and develops protocol specifications (ISO-protocols) to fit in this framework. It can be assumed that firewalls are going to be an important security measure also when using ISO-protocols. But firewall products for ISO-protocols remain still to be seen, and little research has been done regarding firewalls in an OSI-environment. This paper discusses the consequences of introducing ISO-protocols from a firewalls point of view. As one might suspect, it is not trivial to transform from TCP/IP to OSI in this matter. Fundamental problems are presented, and recommendations are given on how to solve them. Use of a firewall to map between internal and external security policies is discussed.