Firewall & Proxy Server
Firewall
Definition

   A firewall protects networked computers from intentional hostile
   intrusion that could compromise confidentiality or result in data
   corruption or denial of service.

   A firewall sits at the junction point or gateway between two
   networks, usually a private network and a public network such as the
   Internet.

   The earliest firewalls were simply routers with access-control lists.

Definition contd.

   A firewall is a device or set of devices designed to permit or deny
   network transmissions based upon a set of rules. It is frequently used to
   protect networks from unauthorized access while permitting legitimate
   communications to pass.

   A firewall examines all traffic routed between the two networks to
   see whether it meets certain criteria. If it does, the traffic is routed
   between the networks; otherwise it is stopped.



   A Firewall        examines all traffic routed between the two networks to
   see if it meets certain criteria. If it does, it is routed between the
   networks, otherwise it is stopped.
Firewall Description

   There are two access-control methodologies used by firewalls. A firewall
   may allow all traffic through unless it matches a rule that denies it
   (default allow), or it may deny all traffic unless it matches a rule that
   permits it (default deny). Default deny is the safer posture: traffic the
   rule set did not anticipate is blocked rather than passed.

   Firewall rules may be concerned with the type of traffic (the protocol), or
   with source or destination addresses and ports.

   They may also use complex rule bases that analyze the application data
   to determine whether the traffic should be allowed through.
Blocking Unknown Traffic
OSI & TCP/IP Model
  Firewalls operate at different layers, and the layer determines the
  criteria available for restricting traffic: a packet filter at the network
  layer sees only addresses, protocols and ports; a circuit-level gateway at
  the session/transport layer sees connection setup and state; an
  application-level gateway sees the content of the application protocol.
Professional Firewall

   If an intruder's packets are stopped at layer three (the network layer),
   they never reach the higher layers where the operating system and its
   services would process them.

   Professional firewall products intercept each network packet before the
   host operating system's TCP/IP stack processes it, so there is no direct
   path from the Internet to that stack.

   This makes it very difficult for an intruder to gain control of the
   firewall host computer. It does not make compromise impossible: the
   firewall's own packet-handling code is still exposed to every packet it
   inspects, and it must be kept patched like any other software.
Firewall as Barrier
Packet Filtering Firewall
   Packet filtering firewalls work at the network layer of the OSI model, or
   the IP layer of TCP/IP.

   They are usually part of a router. A router is a device that receives
   packets from one network and forwards them to another network.

   In a packet filtering firewall each packet is compared to a set of criteria
   (source and destination addresses, protocol and port numbers) before it is
   forwarded. Because each packet is judged on its own, a packet filter cannot
   tell whether a packet belongs to a connection it has already seen.
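The following Python packet filter is an added example, not part of the original slides or of any product they describe. It covers both the Firewall Description slide and the packet filtering slide above: each packet is compared on its own to an ordered rule list, the first matching rule decides, and the default policy applies when nothing matches. The same rule set is run under both methodologies, default allow and default deny, to show that only the latter stops traffic the rules did not anticipate. All addresses (documentation ranges), ports and rules are constructed for the example.

```python
"""Stateless packet filter: each packet is judged on its own against an
ordered rule list; the first matching rule decides, else the default policy."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

ACCEPT, DROP = "ACCEPT", "DROP"


@dataclass(frozen=True)
class Packet:
    proto: str            # "tcp", "udp" or "icmp"
    src: str              # source IP address
    dst: str              # destination IP address
    sport: int = 0        # 0 for protocols without ports (icmp)
    dport: int = 0


@dataclass(frozen=True)
class Rule:
    action: str                     # ACCEPT or DROP
    proto: Optional[str] = None     # None matches any protocol
    src: Optional[str] = None       # CIDR prefix, None matches any source
    dst: Optional[str] = None       # CIDR prefix, None matches any destination
    dport: Optional[int] = None     # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        """Every criterion that is set must match; unset criteria match anything."""
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.src is not None and ip_address(pkt.src) not in ip_network(self.src):
            return False
        if self.dst is not None and ip_address(pkt.dst) not in ip_network(self.dst):
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return True


class PacketFilter:
    def __init__(self, rules: List[Rule], default_policy: str):
        self.rules = list(rules)
        self.default_policy = default_policy

    def decide(self, pkt: Packet) -> str:
        """First-match semantics, as in an iptables or nftables chain."""
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return self.default_policy


# Constructed rule set for a screened server at 192.0.2.10 (documentation range).
RULES = [
    Rule(ACCEPT, proto="tcp", dst="192.0.2.10/32", dport=443),   # HTTPS to the web server
    Rule(ACCEPT, proto="tcp", dst="192.0.2.10/32", dport=25),    # SMTP to the same host
    Rule(DROP, proto="tcp", dport=23),                           # telnet is never allowed
]


def default_allow_filter() -> PacketFilter:
    """Methodology 1: allow everything unless a rule denies it."""
    return PacketFilter(RULES, default_policy=ACCEPT)


def default_deny_filter() -> PacketFilter:
    """Methodology 2: deny everything unless a rule permits it."""
    return PacketFilter(RULES, default_policy=DROP)


if __name__ == "__main__":
    # Constructed sample traffic: the RDP probe is what separates the two policies.
    samples = [
        Packet("tcp", "198.51.100.7", "192.0.2.10", 40001, 443),
        Packet("tcp", "198.51.100.7", "192.0.2.10", 40002, 23),
        Packet("tcp", "198.51.100.7", "192.0.2.10", 40003, 3389),
    ]
    for pkt in samples:
        print(pkt.dport, "default-allow:", default_allow_filter().decide(pkt),
              "default-deny:", default_deny_filter().decide(pkt))
```

The telnet packet is dropped under both policies because a rule names it; the RDP probe on port 3389 is passed by the default-allow filter and dropped by the default-deny filter, which is the practical difference between the two methodologies.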
Circuit Level Gateway
   Circuit level gateways work at the session layer of the OSI model, or the
   transport (TCP) layer of TCP/IP.

   They monitor the TCP handshake between hosts to determine whether a
   requested session is legitimate.

   Security checks are applied when a TCP connection (or a UDP flow) is
   established.

   Once the connection has been accepted, packets can flow between the hosts
   without further checking; the gateway does not inspect the payload.
Application Layer Firewall
  Application level gateways, also called proxies, are similar to circuit-
  level gateways except that they are application specific. They operate at
  the application layer of the OSI model and can inspect the content of the
  traffic, for example the method, URL and headers of an HTTP request,
  rather than only addresses and ports.
Stateful Multilayer Inspection Firewall

   Stateful multilayer inspection firewalls combine aspects of the other
   three types of firewall.

   The technology is generally referred to as stateful packet inspection
   because the firewall maintains a record of every connection passing
   through it.

   Using this connection table it can determine whether a packet is the start
   of a new connection, part of an existing connection, or an invalid packet
   that belongs to no connection at all.
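The connection tracker below is an added example written for this page; it is not code from the original slides or from any firewall product. It serves both the circuit-level slide (the handshake is followed packet by packet before the session is accepted) and the stateful slide (a connection table classifies every later packet as NEW, ESTABLISHED or INVALID). It also shows the failure mode a stateless filter has: the common rule "allow inbound TCP if the ACK bit is set" accepts a forged ACK probe that the tracker rejects because no handshake preceded it. Addresses, ports and the packet trace are constructed for the example, and teardown by FIN and by timeout is omitted for brevity.

```python
"""Stateful inspection: follow the TCP handshake so every packet can be
classified as NEW, ESTABLISHED or INVALID, which a stateless filter cannot do."""
from dataclasses import dataclass
from typing import Dict, Tuple

# TCP flag bits
SYN, RST, ACK = 0x02, 0x04, 0x10


@dataclass(frozen=True)
class TcpSegment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int


Key = Tuple[str, int, str, int]


class ConnTracker:
    """Connection table keyed on the initiator's 4-tuple (protocol fixed to TCP)."""

    def __init__(self) -> None:
        self.table: Dict[Key, str] = {}   # key -> SYN_SENT | SYN_RECV | ESTABLISHED

    @staticmethod
    def _forward(seg: TcpSegment) -> Key:
        return (seg.src, seg.sport, seg.dst, seg.dport)

    @staticmethod
    def _reverse(seg: TcpSegment) -> Key:
        return (seg.dst, seg.dport, seg.src, seg.sport)

    def classify(self, seg: TcpSegment) -> str:
        fwd, rev = self._forward(seg), self._reverse(seg)
        state, rstate = self.table.get(fwd), self.table.get(rev)
        syn, ack = bool(seg.flags & SYN), bool(seg.flags & ACK)

        if seg.flags & RST:
            # A reset on a known connection tears it down; otherwise it is noise.
            if state is not None or rstate is not None:
                self.table.pop(fwd, None)
                self.table.pop(rev, None)
                return "ESTABLISHED"
            return "INVALID"

        if syn and not ack:
            # First packet of a handshake (or a retransmission of it).
            self.table.setdefault(fwd, "SYN_SENT")
            return "NEW"

        if syn and ack:
            # A SYN-ACK is only legitimate as the reply to a SYN already seen.
            if rstate in ("SYN_SENT", "SYN_RECV"):
                self.table[rev] = "SYN_RECV"
                return "ESTABLISHED"
            return "INVALID"

        if ack:
            if state == "SYN_RECV":
                self.table[fwd] = "ESTABLISHED"   # third packet: handshake complete
                return "ESTABLISHED"
            if state == "ESTABLISHED" or rstate == "ESTABLISHED":
                return "ESTABLISHED"               # data in either direction
            return "INVALID"   # an ACK with no handshake behind it (e.g. an ACK scan)

        return "INVALID"


def stateless_allows_established(seg: TcpSegment) -> bool:
    """The classic packet-filter approximation: 'established' means ACK bit set.
    It cannot tell a reply on a real connection from a forged ACK probe."""
    return bool(seg.flags & ACK)


if __name__ == "__main__":
    tracker = ConnTracker()
    # Constructed trace: a client handshake with 192.0.2.10:443, then a forged ACK probe.
    trace = [
        TcpSegment("203.0.113.5", 51000, "192.0.2.10", 443, SYN),
        TcpSegment("192.0.2.10", 443, "203.0.113.5", 51000, SYN | ACK),
        TcpSegment("203.0.113.5", 51000, "192.0.2.10", 443, ACK),
        TcpSegment("198.51.100.9", 4444, "192.0.2.10", 22, ACK),
    ]
    for seg in trace:
        print(f"{seg.src}:{seg.sport} -> {seg.dst}:{seg.dport}",
              tracker.classify(seg), "stateless:", stateless_allows_established(seg))
```

The last segment in the trace is the interesting one: the stateless check passes it because ACK is set, while the tracker reports INVALID because its 4-tuple matches no entry in either direction.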
IP Spoofing

   IP address spoofing, or IP spoofing, is the creation of Internet Protocol
   (IP) packets with a forged source IP address, either to conceal the
   identity of the sender or to impersonate another computing system.

   As an intrusion technique, the attacker sends packets to a target whose
   source address is that of a host the target trusts. The attacker must
   first discover the address of such a trusted host and then rewrite the
   packet headers so that the packets appear to come from it.

   Because replies go to the forged address rather than to the attacker,
   spoofing is most effective against services and trust decisions that rely
   on the source address alone (address-based access lists, for example);
   completing a TCP handshake blindly is much harder. A firewall counters
   spoofing with ingress and egress filtering: packets arriving on the
   external interface with an internal source address, and packets leaving
   with a source address that is not the network's own, are dropped.
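The ingress/egress check below is an added example, not code from the original slides. It implements the anti-spoofing filtering described above for a two-interface firewall: a packet's source address must be plausible for the interface it arrived on. The internal prefix (a documentation range), the interface names "wan" and "lan" and the sample addresses are constructed for the example; the list of ranges that can never be a legitimate source on the Internet side is the usual set of private, loopback, link-local and multicast blocks.

```python
"""Anti-spoofing (ingress/egress) filtering on a two-interface firewall: a
packet's source address must be plausible for the interface it arrives on."""
from ipaddress import ip_address, ip_network
from typing import Tuple

# Constructed topology: the protected network sits behind the "lan" interface.
INTERNAL = ip_network("192.0.2.0/24")

# Source ranges that can never legitimately arrive from the Internet side.
NEVER_FROM_INTERNET = [
    INTERNAL,                          # our own prefix: a classic spoof
    ip_network("0.0.0.0/8"),           # "this network"
    ip_network("10.0.0.0/8"),          # RFC 1918 private
    ip_network("172.16.0.0/12"),
    ip_network("192.168.0.0/16"),
    ip_network("127.0.0.0/8"),         # loopback
    ip_network("169.254.0.0/16"),      # link-local
    ip_network("224.0.0.0/4"),         # multicast is never a unicast source
]


def check_source(src: str, iface: str) -> Tuple[str, str]:
    """Return (ACCEPT|DROP, reason) for a packet with source src seen on iface.

    "wan" is the Internet-facing interface (ingress filtering); "lan" is the
    inside interface (egress filtering). Any other interface name is dropped so
    a misconfiguration fails closed.
    """
    addr = ip_address(src)
    if iface == "wan":
        for net in NEVER_FROM_INTERNET:
            if addr in net:
                return ("DROP", f"ingress: source {src} in {net} cannot come from the Internet")
        return ("ACCEPT", "ingress: source address is plausible")
    if iface == "lan":
        if addr not in INTERNAL:
            return ("DROP", f"egress: source {src} is not in {INTERNAL}")
        return ("ACCEPT", "egress: source address is ours")
    return ("DROP", f"unknown interface {iface}")


if __name__ == "__main__":
    # Constructed samples: one spoofed inbound, one legitimate, one spoofed outbound.
    for src, iface in (("192.0.2.25", "wan"), ("198.51.100.7", "wan"),
                       ("203.0.113.9", "lan"), ("192.0.2.25", "lan")):
        print(iface, src, *check_source(src, iface))
```

Egress filtering protects other networks rather than your own, but it is what stops a compromised internal host from taking part in spoofed attacks, and it is what BCP 38 asks every network operator to deploy.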
Proxy Server
  A proxy server is a server (a computer system or an application) that
  acts as an intermediary for requests from clients seeking resources from
  other servers.

  A client connects to the proxy server, requesting some service, such as a
  file, connection, web page, or other resource, available from a different
  server.

  The proxy server evaluates the request according to its filtering rules
  and, if the request is permitted, fetches the resource on the client's
  behalf.

Proxy Server contd.

  Forward proxy: sits in front of clients and forwards their requests to
  servers on the Internet. Clients are configured to use it, and it is where
  outbound filtering is applied.

  Open proxy: a forward proxy that accepts requests from any client on the
  Internet. Such proxies are commonly abused to hide the true origin of
  traffic.

  Reverse proxy: sits in front of servers and accepts requests from the
  Internet on their behalf, hiding the servers and allowing inspection and
  TLS termination at a single point.
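The HTTP forward-proxy policy below is an added example written for this page; it is not code from the original slides or from any proxy product. It serves both the Application Layer Firewall slide and the Proxy Server slides: the gateway parses each request as HTTP, works out the destination the way a forward proxy does (CONNECT target, absolute URL, or Host header), and applies its filtering rules to the method, host and port before anything is fetched. A packet filter on port 80 could not make these distinctions. The allowed host names, the constructed requests and the DENY-by-default behaviour for malformed input are assumptions of the example; IPv6 host literals are not handled.

```python
"""Application-level gateway: an HTTP forward proxy that parses each request
and evaluates it against its filtering rules before fetching anything."""
from dataclasses import dataclass
from typing import Dict, Iterable, Optional, Tuple
from urllib.parse import urlsplit


@dataclass(frozen=True)
class HttpRequest:
    method: str
    target: str
    version: str
    headers: Dict[str, str]   # header names lower-cased


def parse_request(raw: bytes) -> HttpRequest:
    """Parse the request line and headers; anything malformed raises ValueError."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        raise ValueError("malformed request line")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError("malformed header line")
        headers[name.lower()] = value.strip()
    return HttpRequest(parts[0], parts[1], parts[2], headers)


def destination(req: HttpRequest) -> Tuple[Optional[str], Optional[int]]:
    """Where the proxy would connect: CONNECT carries host:port, other requests
    carry an absolute URL (proxy form) or fall back to the Host header."""
    if req.method == "CONNECT":
        host, _, port = req.target.rpartition(":")
        return (host.lower(), int(port)) if host and port.isdigit() else (None, None)
    if "://" in req.target:
        url = urlsplit(req.target)          # .port raises ValueError if not numeric
        return (url.hostname, url.port or (443 if url.scheme == "https" else 80))
    host_header = req.headers.get("host")
    if not host_header:
        return (None, None)
    host, _, port = host_header.partition(":")   # IPv6 literals not handled here
    return (host.lower(), int(port) if port.isdigit() else 80)


class ProxyPolicy:
    def __init__(self, allowed_methods: Iterable[str], allowed_hosts: Iterable[str],
                 allowed_ports: Iterable[int] = (80, 443)):
        self.allowed_methods = set(allowed_methods)
        self.allowed_hosts = {h.lower() for h in allowed_hosts}
        self.allowed_ports = set(allowed_ports)

    def evaluate(self, raw: bytes) -> Tuple[str, str]:
        """Return (decision, reason); DENY is the default for anything unrecognised."""
        try:
            req = parse_request(raw)
            host, port = destination(req)
        except ValueError as exc:
            return ("DENY", f"malformed request: {exc}")
        if req.method not in self.allowed_methods:
            return ("DENY", f"method {req.method} not permitted")
        if host is None:
            return ("DENY", "no destination host")
        if host not in self.allowed_hosts:
            return ("DENY", f"host {host} not permitted")
        if port not in self.allowed_ports:
            return ("DENY", f"port {port} not permitted")
        return ("ALLOW", f"{req.method} {host}:{port}")


# Constructed policy: browsing to two internal sites only, and no CONNECT tunnels,
# which would otherwise let any protocol pass through the proxy unseen.
POLICY = ProxyPolicy(allowed_methods={"GET", "HEAD", "POST"},
                     allowed_hosts={"intranet.example", "docs.example"})


if __name__ == "__main__":
    # Constructed requests as a client would send them to the proxy.
    for raw in (b"GET http://intranet.example/status HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
                b"CONNECT evil.example:443 HTTP/1.1\r\nHost: evil.example:443\r\n\r\n",
                b"\x16\x03\x01 not http"):
        print(POLICY.evaluate(raw))
```

Refusing CONNECT is the notable policy choice: a tunnel request is the one case where an application gateway would otherwise degrade into a circuit-level gateway, passing whatever bytes follow the handshake without inspection.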
