Chapter 1. Firewall Overview

Refer to the following sections for information about these topics:
A firewall has multiple interfaces, but it isolates traffic between each one. The simplest firewall configuration has one outside and one inside interface, as shown in Figure 1-1.

Figure 1-1. Basic Firewall with Two Interfaces

Each interface is assigned a security level from 0 (lowest) to 100 (highest). Multiple interfaces are each assigned an arbitrary security level, as shown in Figure 1-2.

Figure 1-2. Basic Firewall with Several Interfaces

A firewall is usually represented by the symbol of a diode, an electronic component that allows current to pass in only one direction. Flow in the direction of the arrow is allowed, whereas flow against the arrow is blocked. Other symbols also are commonly used to represent firewalls. Most of those involve a brick wall with or without flames.

Likewise, a firewall has the following default behavior:
The default policies can be changed so that some outbound connections can be blocked and some inbound connections can be allowed. All traffic is inspected according to a suite of stateful firewall inspection processes and algorithms. These are commonly called inspection engines.

NOTE

Inbound and outbound connections refer to the direction in which a connection is initiated. For example, if a host on the outside tries to initiate a connection with an inside host, that is an inbound connection. Keep in mind that an inbound connection is entirely different from traffic that returns in the inbound direction. Return traffic is allowed inbound through the firewall only if it is in response to a previously established outbound connection. The same is true for connections and return traffic in the opposite direction.
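
The distinction drawn in the note, shown as an added example that is not from the original text: a toy state table in Python that judges the same packet before and after an outbound connection exists. Interface names, security levels and addresses are constructed, and the default policy used here (a connection may be initiated only from a higher security level toward a lower one) is an assumption.

```python
# Toy model of the behavior described above (added example, not from the book).
# Interface names, security levels and addresses are constructed. Assumption:
# by default only higher-to-lower security level connections may be initiated.
from dataclasses import dataclass, field

LEVELS = {"inside": 100, "dmz": 50, "outside": 0}


@dataclass(frozen=True)
class Packet:
    in_if: str    # interface the packet arrives on
    out_if: str   # interface it would leave through
    src: tuple    # (ip, port)
    dst: tuple    # (ip, port)


@dataclass
class Firewall:
    permits: set = field(default_factory=set)  # inbound exceptions: (in_if, dst)
    blocks: set = field(default_factory=set)   # outbound exceptions: (in_if, dst)
    conns: set = field(default_factory=set)    # state table of initiated flows

    def handle(self, p: Packet) -> str:
        fwd = (p.in_if, p.src, p.out_if, p.dst)
        rev = (p.out_if, p.dst, p.in_if, p.src)
        if fwd in self.conns:
            return "allow: established"
        if rev in self.conns:   # reply to a connection initiated from the other side
            return "allow: return traffic"
        # No state: this packet is trying to initiate a new connection.
        rule = (p.in_if, p.dst)
        if LEVELS[p.in_if] > LEVELS[p.out_if]:
            ok, kind = rule not in self.blocks, "outbound"
        else:                    # lower or equal level counts as inbound here
            ok, kind = rule in self.permits, "inbound"
        if ok:
            self.conns.add(fwd)
        return f"{'allow' if ok else 'deny'}: new {kind} connection"


def demo() -> list:
    fw = Firewall()
    client, server = ("10.0.0.10", 40000), ("203.0.113.5", 443)
    request = Packet("inside", "outside", client, server)
    reply = Packet("outside", "inside", server, client)
    # The same reply packet is judged before and after the outbound request.
    return [fw.handle(reply), fw.handle(request), fw.handle(reply)]


if __name__ == "__main__":
    print(demo())
```

The `permits` and `blocks` sets stand in for the changed default policies mentioned above: an entry in `permits` lets an inbound connection create state, and an entry in `blocks` stops an outbound one.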