Firewall Technologies
A firewall is a concept that can be implemented by a single device, a group of devices, or even simply software running on a device such as a host or a server. The primary function of a firewall is to deny unwanted traffic from crossing the boundary of the firewall. For network traffic, this means that a firewall, in its basic form, could be implemented by the following:
A router or other Layer 3 forwarding device that has an access list or some other method used to filter traffic that is trying to go between two of its interfaces. This is the primary method that is implemented by an IOS router (using firewall features) or the Adaptive Security Appliance (ASA) firewall.
A switch that has two virtual LANs (VLAN) without any routing in between them, which would absolutely keep traffic from the two different networks separate (by not being able to have inter-VLAN communications).
Hosts or servers that are running software that prevents certain types of received traffic from being processed and controls which traffic can be sent. This is an example of a software firewall.
There is no such thing as a purely hardware firewall. Every device has two components: software and hardware. Many firewall companies build their own boxes (both software and hardware) that are designed specifically for firewall purposes, with the two working in harmony to accomplish this.
NG firewall: Here NG stands for Next Generation. Many of today's firewalls call themselves next generation, but I found only three (Checkpoint, Palo Alto, Cisco ASA after version 8.3). Other firewalls could be UTM (Unified Threat Management), on which you can perform different operations on the same hardware instead of buying other appliances.
Types of firewall
Packet filtering firewall.
These firewalls operate at points where devices like routers and switches work. They don't route packets, but instead compare each packet to a set of criteria, like allowed IP addresses, packet type, port number and more. Packets that don't fit the criteria are dropped and not forwarded to the internal network.
Circuit level gateway.
These firewalls monitor TCP and other network protocol messages as they are established and determine whether the session being initiated is legitimate. And if the remote system can be trusted, these firewalls do not inspect the actual data.
Stateful firewall
Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.
A firewall in "stateful" mode inspects packets from each new connection to determine what an acceptable packet looks like. Once it knows what types of packets are acceptable (ICMP, TCP, etc.), it then only looks to identify "non-standard" packets for each source. This frees the firewall from examining each packet and allows the firewall to run more efficiently.
Next Generation firewall.
A typical next generation firewall combines packet inspection, stateful inspection, some variety of deep packet inspection, and other security features like intrusion detection and prevention, malware filtering, and antivirus.
Next generation firewall
A next generation firewall has the capabilities of a traditional firewall plus advanced functionalities such as user identification, application identification, anti-virus, anti-spyware, URL filtering etc. The goal of an NGFW is to maintain comprehensive visibility into users, mobile devices, client-side apps, virtual machine (VM)-to-VM communications, vulnerabilities, threats, and uniform resource locators (URLs).
A next generation firewall could detect Facebook chat traffic that is passing over TCP port 80 and block specifically only that. This means you could allow Facebook browsing but disable the chat feature.
Firewall Access Rules
As mentioned before, the appropriate method for implementing firewall rules is based on a policy.
Rules based on service control
These rules are based on the types of services that may be accessed through the firewall, inbound or outbound. An example is that access to web servers, both HTTP and HTTPS, is allowed while all other types of traffic are denied.
Rules based on address control
These rules are based on the source/destination addresses involved, usually with a permit or deny based on specific entries in an access control list.
Rules based on direction control
These rules specify where the initial traffic can flow. For example, a rule might say that traffic from the inside going to the outside (which we could also call outbound traffic) is permitted. Traffic initiated from the outside going to inside resources (which we could call inbound traffic) would be denied. Note that stateful filtering, with its stateful database, could dynamically allow the return traffic back to the inside users. These types of rules could very easily be combined (and usually are) with various protocols/services (such as HTTP, HTTPS, and so on).
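The stateful database mentioned here, and in the stateful firewall section earlier, can be modelled as a table of connections opened from the inside. This is an added example, not code from the original post; the class name, the single-letter TCP flag strings and the sample addresses are assumptions, and teardown is simplified to RST only.

```python
INSIDE, OUTSIDE = "inside", "outside"

class StatefulFirewall:
    """Permit sessions initiated from the inside; admit only their return traffic."""

    def __init__(self):
        self.state = set()  # 5-tuples of flows opened by inside hosts

    def filter(self, ingress, proto, src, sport, dst, dport, flags=""):
        flow = (proto, src, sport, dst, dport)
        if ingress == INSIDE:
            if flow not in self.state:
                # A new TCP session has to begin with a bare SYN.
                if proto == "tcp" and flags != "S":
                    return "drop"
                self.state.add(flow)
            elif "R" in flags:
                self.state.discard(flow)  # reset tears the session down
            return "forward"
        # Outside interface: the packet must be the mirror image of a known flow.
        reverse = (proto, dst, dport, src, sport)
        if reverse not in self.state:
            return "drop"
        if "R" in flags:
            self.state.discard(reverse)
        return "forward"

def demo():
    """Run a constructed packet sequence and return the verdict for each packet."""
    fw = StatefulFirewall()
    packets = [
        (INSIDE, "tcp", "10.0.0.5", 40000, "198.51.100.20", 443, "S"),    # outbound SYN
        (OUTSIDE, "tcp", "198.51.100.20", 443, "10.0.0.5", 40000, "SA"),  # return traffic
        (OUTSIDE, "tcp", "198.51.100.20", 443, "10.0.0.5", 40001, "SA"),  # wrong port
        (OUTSIDE, "tcp", "203.0.113.9", 55555, "10.0.0.5", 22, "S"),      # unsolicited inbound
        (OUTSIDE, "tcp", "198.51.100.20", 443, "10.0.0.5", 40000, "R"),   # server resets
        (OUTSIDE, "tcp", "198.51.100.20", 443, "10.0.0.5", 40000, "A"),   # after teardown
    ]
    return [fw.filter(*p) for p in packets]

if __name__ == "__main__":
    print(demo())
```

No inbound permit rule exists anywhere in this model: return traffic is admitted only because the outbound packet created the matching state entry.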
Rules based on user control
These rules control access based on knowing who the user is and what that user is authorized to do. This can be implemented via AAA services.
Rules based on behaviour control
These rules control how a particular service is used. For example, a firewall may implement an e-mail filter to protect against spam.
Not all Cisco routers have firewall software in them, and some firewalls can be used as routers too. So which flavor of router do you have, and what level of software and features came with the IOS installed on your router? You can implement security using ACLs on a Cisco router, but this is the most basic form of security.
Through a firewall we can manage users by making policies with allow and deny rules, so that users cannot access unauthorized or social sites. With this we can manage Internet bandwidth and track what users are accessing. It also provides security from malware attacks and sites containing viruses. It is also called the gateway of the network. It is a must for any organization, for security as well as for business productivity.
There are three main types of firewall software and hardware configurations:
What is the difference between a firewall and a proxy?
A firewall is a router (a computer which is able to forward packets between two or more networks) with some restriction rules applied.
An application proxy server is a computer which is able to handle requests in some communication protocols (HTTP, FTP, SOCKS, etc.). For each protocol used, the appropriate proxy service must be enabled.
A firewall works on the packet level. It can apply rules to packets (by checking the source/destination IP address, source/destination port, etc.) to decide whether the packet will be forwarded or denied.
A proxy works on the application protocol level. Proxies don't work on the packet level, so they can't forward packets.
The client station has to be configured to use the firewall as its default gateway.
Applications on the client PC have to be configured to use the proxy server to access Internet servers.
Firewall Manufacturer
Juniper Firewall.
Cisco Firewall.
Checkpoint Firewall.
Palo Alto Firewall.
Fortigate Firewall.
Forcepoint Firewall.
Watchguard Firewall.
Barracuda Firewall.