Firewall ( introduction )

A firewall is a device that is part hardware and part software that is used to secure network access. Fundamentally, both types of firewalls have the same objective: to provide a method of enforcing an access control policy. Indeed, at the simplest definition, firewalls are nothing more than access control policy enforcement points.

Types of Firewalls ;

Packet Filters
The most basic firewall technology is the packet filter.A packet filter is designed to filter packets based on source IP, destination IP, source port, and destination port, and do so on a packet-per-packet basis to determine if that packet should be allowed through.

The basic security principles of a packet filter, such as allowing or denying packets based upon IP address, provide the minimum amount of required security. So then, where does the packet filter go wrong? A packet filter cannot determine if the packet is associated with any other packets that make up a session.

Application Proxy
Application proxies provide one of the most secure types of access you can have in a security gateway. An application proxy sits between the protected network and the network you want to be protected from. Every time an application makes a request, the application intercepts the request to the destination system.The application proxy initiates its own request, as opposed to actually passing the client’s initial request. When the destination server responds back to the application proxy, the proxy responds back to the client as if it was the destination server.

This way the client and the destination server never actually interact directly.This is the most secure type of firewall because the entire packet, including its application portion, can be completely inspected.

Stateful Inspection
Stateful inspection is today’s choice for the core inspection technology in firewalls. Stateful inspection functions like a packet filter by allowing or denying connections based upon the same types of filtering. However, a stateful firewall also monitors the “state” of a communication.

0 comments:

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | cheap international voip calls