Introduction:
This document gives information about firewalls and their types:
What is a firewall?
Firewalls protect a network of computers from compromise, denial of service and other attacks by hackers trying to intrude on the network from outside. A firewall can take the form of hardware or of software on a computer. A firewall needs to be connected to a minimum of two network interfaces: one that is to be protected (your internal network) and one that is exposed to attacks (generally the Internet). A firewall can also be considered a gateway deployed between the two networks.
How do firewalls work?
- Firewalls examine all the data packets passing through them to see whether they meet the rules defined by the ACL (Access Control List) made by the administrator of the network. Only if the data packets are allowed by the ACL are they transmitted over the connection.
- Firewalls generally also maintain a log of important activities inside the network. A network administrator can define what is important and configure the firewall to write its logs accordingly.
- Firewalls can filter content on the basis of address, protocol, packet attributes and state.
- Firewalls generally only screen the packet headers.
Types of Firewalls:
- Packet Filtering Firewalls
- Circuit Level Gateway Firewalls
- Application level Gateway Firewalls
- Stateful Multilayer Inspection Firewalls
Packet Filtering Firewall:
- Packet filtering firewalls are normally deployed on the routers that connect the internal network to the Internet. Packet filtering firewalls can only be implemented at the network layer of the OSI model.
- Packet filtering firewalls work on the basis of rules defined by Access Control Lists. They check all packets and screen them against the rules defined by the network administrator in the ACLs. If a packet does not meet the criteria, it is dropped and the logs are updated with this information.
- Administrators can create their ACLs on the basis of address, protocol and packet attributes.
Advantage:
- The biggest advantage of packet filtering firewalls is cost and lower resource usage. They are best suited to smaller networks.
Disadvantage:
- Packet filtering firewalls can work only at the network layer and do not support complex rule-based models. They are also vulnerable to spoofing in some cases.
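The ACL screening described above can be modelled in a few lines. This is an added example, not code from the original document: the rule format, the addresses and the names `Packet`, `Rule` and `filter_packet` are assumptions chosen for illustration. It shows first-match evaluation, a default deny, logging of dropped packets, and that the decision rests only on header fields, so the source address a packet claims is taken at face value.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:            # header fields only; a packet filter never sees payload
    src: str
    dst: str
    proto: str           # "tcp", "udp" or "icmp"
    dport: int = 0

@dataclass(frozen=True)
class Rule:
    action: str          # "permit" or "deny"
    proto: str           # protocol name or "any"
    src: str             # source network in CIDR form
    dst: str             # destination network in CIDR form
    dport: int = 0       # 0 means any port

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (0, p.dport))

# Constructed ACL: internal network 10.0.0.0/24, web server at 10.0.0.80.
ACL = [
    Rule("permit", "tcp", "0.0.0.0/0", "10.0.0.80/32", 443),  # HTTPS to the server
    Rule("permit", "any", "10.0.0.0/24", "0.0.0.0/0"),        # anything from inside
    Rule("deny", "any", "0.0.0.0/0", "0.0.0.0/0"),            # explicit default deny
]

def filter_packet(p: Packet, acl=ACL, log=None) -> str:
    """First matching rule wins; denied or unmatched packets are dropped and logged."""
    for n, rule in enumerate(acl, 1):
        if rule.matches(p):
            if rule.action == "deny" and log is not None:
                log.append(f"DROP rule={n} {p.proto} {p.src} -> {p.dst}:{p.dport}")
            return rule.action
    if log is not None:
        log.append(f"DROP rule=implicit {p.proto} {p.src} -> {p.dst}:{p.dport}")
    return "deny"
```

A packet whose source field reads 10.0.0.5 matches the second rule whatever interface it arrived on, because this filter has no other evidence about where the packet came from.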
Circuit Level Gateway Firewall:
- Circuit level gateways are deployed at the session layer of the OSI model. They monitor sessions, for example the TCP three-way handshake, to see whether a requested connection is legitimate or not.
- Most of the screening happens before the connection is established.
- Information sent to a computer outside the network through a circuit level gateway appears to have originated from the gateway. This helps create a stealth cover for the private network from outsiders.
Advantage:
- Circuit level gateways are comparatively inexpensive and provide anonymity to the private network.
Disadvantage:
- Circuit level gateways do not filter individual packets. After a connection is established, an attacker may take advantage of this.
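The session screening described above, as an added example that is not part of the original document: a simplified tracker for the TCP three-way handshake. The class name `CircuitGateway`, its `handle` method and the verdict strings are assumptions, and retransmissions and FIN teardown are left out. It also shows the stated disadvantage: once a session is established, segments are relayed without any look at their payload.

```python
SYN, ACK, RST = 0x02, 0x10, 0x04   # TCP flag bits

class CircuitGateway:
    """Relays segments only for sessions whose three-way handshake completed."""

    def __init__(self, allowed_ports):
        self.allowed_ports = set(allowed_ports)
        # (client, server, port) -> "SYN_SENT" | "SYN_RCVD" | "ESTABLISHED"
        self.state = {}

    def handle(self, client, server, port, flags, from_client, payload=b""):
        key = (client, server, port)
        st = self.state.get(key)
        if flags & RST:
            # A reset tears down a known session; for an unknown one it is dropped.
            return "closed" if self.state.pop(key, None) else "drop"
        if st is None:
            # Screening happens here, before any connection exists.
            if from_client and flags == SYN and port in self.allowed_ports:
                self.state[key] = "SYN_SENT"
                return "relay"
            return "drop"
        if st == "SYN_SENT":
            if not from_client and flags == (SYN | ACK):
                self.state[key] = "SYN_RCVD"
                return "relay"
            return "drop"
        if st == "SYN_RCVD":
            if from_client and flags == ACK:
                self.state[key] = "ESTABLISHED"
                return "relay"
            return "drop"
        # ESTABLISHED: the payload argument is never examined.
        return "relay"
```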
Application level Gateway Firewalls:
- Application level gateways work at the application layer of the OSI model and provide protection for a specific application layer protocol. A proxy server is the best example of an application level gateway firewall.
- An application level gateway works only for the protocols for which it is configured. For example, if we install a web proxy based firewall, then it will only allow HTTP protocol data. These gateways are expected to understand application-specific commands such as HTTP GET and HTTP POST, as they are deployed at the application layer for a specific protocol.
- Application level firewalls can also be configured as caching servers, which in turn increases network performance and makes it easier to log traffic.
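One way a web-proxy gateway can decide whether incoming bytes are HTTP at all and whether the command is one it permits. This is an added example, not code from the original document; the function names, the method allow-list and the sample inputs in the comments are assumptions.

```python
ALLOWED_METHODS = {"GET", "POST"}   # the two commands the text names

def check_request_line(data: bytes, allowed=ALLOWED_METHODS):
    """Return (verdict, detail) for the first bytes a client sends to the proxy."""
    head, sep, _ = data.partition(b"\r\n")
    if not sep:
        # e.g. a binary handshake of some other protocol: no CRLF-terminated line
        return ("reject", "no complete request line")
    try:
        method, target, version = head.decode("ascii").split(" ")
    except ValueError:          # covers UnicodeDecodeError and a wrong field count
        return ("reject", "not an HTTP request line")
    if version not in ("HTTP/1.0", "HTTP/1.1"):
        return ("reject", "not HTTP")
    if method not in allowed:
        return ("reject", f"method {method} not permitted")
    return ("forward", f"{method} {target}")

def inspect_http(data: bytes, allowed=ALLOWED_METHODS, log=None):
    """Apply the check and record every verdict, since the gateway sees each request."""
    verdict = check_request_line(data, allowed)
    if log is not None:
        log.append(verdict)
    return verdict
```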
Stateful Multilayer Inspection Firewall:
- A stateful multilayer inspection firewall is a combination of all the firewalls that we have studied so far.
- They can filter packets at the network layer using ACLs, check for legitimate sessions at the session layer and also evaluate packets at the application layer (ALG).
- A stateful multilayer inspection firewall can work in a transparent mode, allowing direct connections between the client and the server, which was not possible earlier.
- A stateful multilayer inspection firewall can also implement algorithms and complex security models that are protocol specific, making connections and data transfer more secure.
Advantages of Firewalls:
Software Firewalls:
- Software firewalls are cheaper.
- Software firewalls are usually meant for personal or home use.
- Software firewalls are easy to configure.
Hardware Firewalls:
- Speed: Hardware firewalls have faster response times and can handle high volumes of bandwidth or traffic.
- Security: A firewall with its own IOS is less prone to attacks, which increases the overall security of the network. Apart from this, it also provides more features and options.
- No interference: A box that is separate from other network components can be managed easily and does not overload the operating system. The box can also be easily redeployed anywhere in the network with minimal interference to the network.
Disadvantages of Firewalls:
Software Firewalls:
- They take up system resources and slow down other applications.
- Software firewalls are not suitable for organizations or office networks, as they are generally not able to address DoS or DDoS attacks either.
Hardware Firewalls:
- Dedicated hardware firewalls will definitely cost you more.
- Hardware firewalls require technical knowledge to install and manage. This knowledge will, at times, be vendor specific.
IPTables:
- IPTables is a user-space application program that helps administrators configure the tables provided by the Linux kernel firewall.
- Different kernel modules and programs are currently used for different protocols:
- iptables applies to IPv4,
- ip6tables to IPv6,
- arptables to ARP,
- ebtables to Ethernet frames.