ASSIGNMENT




Topic:
Firewall
What is a firewall?
A firewall is a system designed to prevent unauthorized access to or from a private
network, and is used to help keep a network secure. Firewalls can be implemented in
hardware, in software, or in a combination of both. They are frequently used to prevent
unauthorized Internet users from accessing private networks connected to the Internet,
especially intranets. A firewall is a set of related programs, located at a network
gateway server, that protects the resources of a private network from users of other
networks.

Basically, a firewall, working closely with a router program, examines each
network packet to determine whether to forward it toward its destination. A firewall also
includes or works with a proxy server that makes network requests on behalf of
workstation users. A firewall is often installed in a specially designated computer separate
from the rest of the network so that no incoming request can get directly at private
network resources. A network's firewall builds a bridge between an internal network that
is assumed to be secure and trusted, and another network, usually an external
(inter)network, such as the Internet, that is not assumed to be secure and trusted.




Explain the different types of firewall
       Types of firewall:

       Network layer firewall
       Application layer firewall
       Circuit layer firewall
       Stateful multi-layer inspection firewall
       Proxy firewall
       Host-based firewall
       Packet filtering
       Hybrid firewall



                            Network layer firewall
The first generation of firewalls (c. 1988) worked at the network level by
inspecting packet headers and filtering traffic based on the IP address of the
source and the destination, the port and the service. Some of these primeval
security applications could also filter packets based on protocols, the domain name
of the source and a few other attributes.

Network layer firewalls generally make their decisions based on the source
address, destination address and ports in individual IP packets. A simple router is
the traditional network layer firewall, since it is not able to make particularly
complicated decisions about what a packet is actually talking to or where it actually
came from. Modern network layer firewalls have become increasingly more
sophisticated, and now maintain internal information about the state of connections
passing through them at any time.

One important difference about many network layer firewalls is that they route
traffic directly through them, which means in order to use one, you either need to
have a validly-assigned IP address block or a private Internet address block.
Network layer firewalls tend to be very fast and almost transparent to their users.

                            Application layer firewall

Application-level firewalls (sometimes called proxies) look more deeply into the
application data going through their filters. Application layer firewalls are hosts
running proxy servers, which permit no traffic directly between networks, and they
perform elaborate logging and examination of traffic passing through them. By considering
the context of client requests and application responses, these firewalls attempt to
enforce correct application behavior, block malicious activity and help organizations ensure
the safety of sensitive information and systems. They can log user activity too.
Application-level filtering may include protection against spam and viruses as well, and be
able to block undesirable Web sites based on content rather than just their IP address.

If that sounds too good to be true, it is. The downside to deep packet inspection is that
the more closely a firewall examines network data flow, the longer it takes, and the
heavier hit your network performance will sustain. This is why the highest-end security
appliances include lots of RAM to speed packet processing. And of course you'll pay for
the added chips.

Since proxy applications are simply software running on the firewall, it is a good place
to do lots of logging and access control. Application layer firewalls can be used as
network address translators, since traffic goes in one side and out the other, after
having passed through an application that effectively masks the origin of the initiating
connection.

However, run-of-the-mill network firewalls can't properly defend applications. As Michael
Cobb explains, application-layer firewalls offer Layer 7 security on a more granular level,
and may even help organizations get more out of existing network devices.

                            Circuit layer firewall

These applications, which represent the second generation of firewall technology, monitor
TCP handshaking between packets to make sure a session is legitimate. Traffic is filtered
based on specified session rules and may be restricted to recognized computers only.
Circuit-level firewalls hide the network itself from the outside, which is useful for denying
access to intruders, but they don't filter individual packets. They apply security mechanisms
when a TCP or UDP connection is established. Once the connection has been made, packets
can flow between the hosts without further checking. Circuit gateway firewalls function
at the network transport layer. They allow or deny connections based on addresses and
prevent direct connection between networks.
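
The handshake monitoring described above, as an added Python example that is not part of the original assignment. The class, the addresses and the trace are constructed for illustration, and the sketch assumes a simplified model: it checks flags only (no sequence numbers or timeouts) and does not relay the connection the way a real circuit gateway does.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset


def seg(src, sport, dst, dport, *flags):
    return Segment(src, sport, dst, dport, frozenset(flags))


class CircuitGateway:
    """Allows a session only after a complete SYN, SYN-ACK, ACK exchange."""

    def __init__(self, recognized_clients, allowed_ports):
        self.recognized_clients = set(recognized_clients)
        self.allowed_ports = set(allowed_ports)
        self.sessions = {}  # (client, cport, server, sport) -> handshake state

    def process(self, s):
        fwd = (s.src, s.sport, s.dst, s.dport)   # segment travels client -> server
        rev = (s.dst, s.dport, s.src, s.sport)   # segment travels server -> client
        if s.flags == {"SYN"} and fwd not in self.sessions and rev not in self.sessions:
            # Session rules are applied once, when the connection is requested.
            if s.src in self.recognized_clients and s.dport in self.allowed_ports:
                self.sessions[fwd] = "SYN_SENT"
                return "allow"
            return "deny"
        key = fwd if fwd in self.sessions else rev if rev in self.sessions else None
        if key is None:
            return "deny"                        # belongs to no known session
        state, from_client = self.sessions[key], key == fwd
        if "RST" in s.flags:
            del self.sessions[key]               # reset tears the session down
            return "allow"
        if state == "SYN_SENT" and not from_client and s.flags == {"SYN", "ACK"}:
            self.sessions[key] = "SYN_RCVD"
            return "allow"
        if state == "SYN_RCVD" and from_client and s.flags == {"ACK"}:
            self.sessions[key] = "ESTABLISHED"
            return "allow"
        # Once established, packets flow in both directions without further checks.
        return "allow" if state == "ESTABLISHED" else "deny"


def run_trace(gateway, segments):
    return [gateway.process(s) for s in segments]


C, S = "10.0.0.5", "203.0.113.20"                # constructed client and server
TRACE = [                                        # constructed sample traffic
    seg(C, 40000, S, 443, "SYN"),
    seg(C, 40000, S, 443, "PSH", "ACK"),         # data before the handshake completes
    seg(S, 443, C, 40000, "SYN", "ACK"),
    seg(C, 40000, S, 443, "ACK"),
    seg(C, 40000, S, 443, "PSH", "ACK"),
    seg(S, 443, C, 40000, "PSH", "ACK"),
    seg("198.51.100.9", 443, C, 40000, "ACK"),   # unsolicited, no session
    seg("10.0.0.99", 40001, S, 443, "SYN"),      # client not recognized
    seg(C, 40002, S, 23, "SYN"),                 # port not permitted
    seg(S, 443, C, 40000, "RST"),
    seg(C, 40000, S, 443, "PSH", "ACK"),         # session is gone after the reset
]

if __name__ == "__main__":
    gw = CircuitGateway(recognized_clients={C}, allowed_ports={443})
    for s, verdict in zip(TRACE, run_trace(gw, TRACE)):
        print(f"{s.src}:{s.sport} -> {s.dst}:{s.dport} {sorted(s.flags)} {verdict}")
```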




                     Stateful multi-layer inspection firewall

Stateful multilayer inspection firewalls combine the aspects of the other three types of
firewalls. SML vendors claim that their products deploy the best features of the other
three firewall types. They filter packets at the network level and they recognize and
process application-level data, but since they don't employ proxies, they deliver reasonably
good performance in spite of the deep packet analysis. On the downside, they are not
cheap, and they can be difficult to configure and administer. They filter packets at the
network layer, determine whether session packets are legitimate and evaluate contents of
packets at the application layer. They allow direct connection between client and host,
alleviating the problem caused by the lack of transparency of application level gateways.
They rely on algorithms to recognize and process application layer data instead of running
application specific proxies. Stateful multilayer inspection firewalls offer a high level of
security, good performance and transparency to end users. They are expensive however,
and due to their complexity are potentially less secure than simpler types of firewalls if
not administered by highly competent personnel.




                             Proxy firewall

Proxy firewalls offer more security than other types of firewalls, but this is at the
expense of speed and functionality, as they can limit which applications your network can
support. Proxy firewalls also provide comprehensive, protocol-aware security analysis for
the protocols they support. This allows them to make better security decisions than
products that focus purely on packet header information. A proxy firewall intercepts all
messages entering and leaving the network. The proxy server efficiently hides the true
network addresses.

                             Host-based firewall
Network perimeter firewalls cannot provide protection for traffic generated inside a
trusted network. For this reason, host-based firewalls running on individual computers are
needed. Host-based firewalls, of which Windows Firewall with Advanced Security is an
example, protect a host from unauthorized access and attack.

In addition to blocking unwanted incoming traffic, you can configure Windows Firewall with
Advanced Security to block specific types of outgoing traffic as well. Host-based firewalls
provide an extra layer of security in a network and function as integral components in a
complete defense strategy.

In Windows Firewall with Advanced Security, firewall filtering and IPsec are integrated.
This integration greatly reduces the possibility of conflict between firewall rules and
IPsec connection security settings.

                             Packet filtering

Firewalls fall into four broad categories: packet filters, circuit level gateways, application
level gateways and stateful multilayer inspection firewalls.
Packet filtering firewalls work at the network level of the OSI model, or the IP layer of
TCP/IP. They are usually part of a router. A router is a device that receives packets from
one network and forwards them to another network. In a packet filtering firewall each
packet is compared to a set of criteria before it is forwarded. Depending on the packet
and the criteria, the firewall can drop the packet, forward it or send a message to the
originator. Rules can include source and destination IP address, source and destination
port number and protocol used. The advantage of packet filtering firewalls is their low
cost and low impact on network performance. Most routers support packet filtering. Even
if other firewalls are used, implementing packet filtering at the router level affords an
initial degree of security at a low network layer. This type of firewall only works at the
network layer however and does not support sophisticated rule based models. Network
Address Translation (NAT) routers offer the advantages of packet filtering firewalls but
can also hide the IP addresses of computers behind the firewall, and offer a level of
circuit-based filtering.
Filtering firewalls can be classified according to types of filtering:

         Static Filtering – is implemented by most routers. Filter rules are adjusted
         manually.

         Dynamic Filtering – allows filtering rules to change depending on responses to
         outside processes.

                                    Hybrid firewall

Hybrid firewalls, as the name suggests, represent a combination of technologies. A
hybrid firewall may consist of a packet filter combined with an application proxy
firewall, or a circuit gateway combined with an application proxy firewall.


       The following types of firewalls are classified by intended application:

   1. PC Firewalls
   2. SOHO Firewalls
   3. Firewall Appliances
   4. Large Enterprise Type Firewalls

       PC Firewalls – are known as firewalls for personal use and are designed to
       provide a satisfactory level of protection to users of single computers.

       SOHO Firewalls – Small Office/Home Office firewalls are designed for small
       businesses with no dedicated information technology personnel. These types of
       firewalls offer simple configuration and sophisticated security levels. Usually
       SOHO firewalls are hardware appliances.

       Firewall Appliances – aimed at meeting the requirements of small businesses and
       remote offices of large enterprises. Firewall appliances are specialized systems
       with fewer configuration options than large enterprise firewalls. They differ
       from large enterprise firewalls in offering less functionality and omitting
       unnecessary security levels.

       Large Enterprise Type Firewalls – are usually hardware devices with extra
       features required for the protection of a large business. These features typically
       include centralized administration, multi-firewall administration, and support for
       Internet, Intranet, and Extranet services.

How does a firewall work?
There are two access denial methodologies used by firewalls. A firewall may allow all
traffic through unless it meets certain criteria, or it may deny all traffic unless it meets
certain criteria. The type of criteria used to determine whether traffic should be allowed
through varies from one type of firewall to another. Firewalls may be concerned with the
type of traffic, or with source or destination addresses and ports. They may also use
complex rule bases that analyze the application data to determine if the traffic should be
allowed through. How a firewall determines what traffic to let through depends on which
network layer it operates at. A discussion on network layers and architecture follows.
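
The packet-filter criteria from the Packet filtering section and the two access denial methodologies above, as an added Python example that is not part of the original assignment. The rule fields, the addresses (RFC 5737 documentation ranges, with 10.0.0.0/8 assumed to be the internal network) and the sample packets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: Optional[int] = None  # None for protocols without ports


@dataclass(frozen=True)
class Rule:
    action: str                  # "forward", "drop" or "reject" (notify the originator)
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


def decide(rules, default_action, pkt):
    """First matching rule wins; returns (action, rule index or None for the default)."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return default_action, None


# Shared anti-spoofing rule: traffic arriving from outside must not claim an
# internal source address. It comes first because rule order decides the verdict.
ANTI_SPOOF = Rule("drop", src="10.0.0.0/8")

# Deny all traffic unless it meets the criteria (default action: drop).
DENY_BY_DEFAULT = [
    ANTI_SPOOF,
    Rule("forward", dst="192.0.2.10/32", proto="tcp", dport=443),
    Rule("forward", dst="192.0.2.25/32", proto="tcp", dport=25),
]

# Allow all traffic unless it meets the criteria (default action: forward).
ALLOW_BY_DEFAULT = [
    ANTI_SPOOF,
    Rule("reject", proto="tcp", dport=23),
    Rule("drop", proto="udp", dport=161),
]

# Constructed packets as seen on the outside interface.
SAMPLE_PACKETS = {
    "https to web server": Packet("198.51.100.7", "192.0.2.10", "tcp", 443),
    "spoofed internal source": Packet("10.1.2.3", "192.0.2.10", "tcp", 443),
    "telnet": Packet("198.51.100.7", "192.0.2.10", "tcp", 23),
    "database port nobody listed": Packet("198.51.100.7", "192.0.2.10", "tcp", 3306),
}


def compare_policies():
    """Return {label: (deny-by-default verdict, allow-by-default verdict)}."""
    return {
        label: (decide(DENY_BY_DEFAULT, "drop", pkt)[0],
                decide(ALLOW_BY_DEFAULT, "forward", pkt)[0])
        for label, pkt in SAMPLE_PACKETS.items()
    }


if __name__ == "__main__":
    for label, (deny_first, allow_first) in compare_policies().items():
        print(f"{label:30} deny-by-default={deny_first:8} allow-by-default={allow_first}")
```

The last sample packet is the one to watch: neither rule set mentions port 3306, so the verdict comes entirely from the default action.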

List of firewalls used in the Linux operating system
   1. iptables
   2. IPCop
   3. Shorewall
   4. UFW – Uncomplicated Firewall
   5. OpenBSD and PF
   6. eBox Platform
   7. m0n0wall
   8. ClearOS
   9. pfSense
   10. Smoothwall Advanced

List of firewalls used in the Windows operating system
   1. ZoneAlarm firewall
   2. SharedAccess
   3. MpsSvc
