Firewall

 

A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.

A network firewall is similar to firewalls in building construction, because in both cases they are intended to isolate one “network” or “compartment” from another.

Firewall Policies

• To protect private networks and individual machines from the dangers of the greater Internet, a firewall can be employed to filter incoming or outgoing traffic based on a predefined set of rules called firewall policies.

Policy Actions

• Packets flowing through a firewall can have one of three outcomes:

– Accepted: permitted through the firewall

– Dropped: not allowed through with no indication of failure

– Rejected: not allowed through, accompanied by an attempt to inform the source that the packet was rejected

• Policies used by the firewall to handle packets are based on several properties of the packets being inspected, including the protocol used,

such as:

– TCP or UDP

– the source and destination IP addresses

– the source and destination ports

– the application-level payload of the packet (e.g., whether it contains a virus)

 

Firewall Types

packet filters (stateless)

– If a packet matches the packet filter’s set of rules, the packet filter will drop or accept it

A stateless firewall doesn’t maintain any remembered context (or “state”) with respect to the packets it is processing. Instead, it treats each packet attempting to travel through it in isolation without considering packets that it has processed previously.

 

“stateful” filters

– it maintains records of all connections passing through it and can determine if a packet is either the start of a new connection, a part of an existing connection, or is an invalid packet.

Stateful firewalls can tell when packets are part of legitimate sessions originating within a trusted network.

Stateful firewalls maintain tables containing information on each active connection, including the IP addresses, ports, and sequence numbers of packets.

Using these tables, stateful firewalls can allow only inbound TCP packets that are in response to a connection initiated from within the internal network

 

application layer

– It works like a proxy it can “understand” certain applications and protocols.

– It may inspect the contents of the traffic, blocking what it views as inappropriate content (i.e. websites, viruses, vulnerabilities, …)

 

 

 

References

http://en.wikipedia.org/wiki/Firewall_%28computing%29

http://en.wikipedia.org/wiki/Firewall

http://www.webopedia.com/TERM/F/firewall.html

http://computer.howstuffworks.com/firewall.htm

http://personalfirewall.comodo.com/

http://www.cyberoam.com/firewall.html

http://www.microsoft.com/security/pc-security/firewalls-whatis.aspx

http://searchsecurity.techtarget.com/definition/firewall

 

 

 

Registration


A password will be e-mailed to you.

Feedback Form

Name (required)

Email (required)

Feedback