| < Day Day Up > |
|
A firewall is an implementation of software, hardware, or a combination of both specifically designed to keep unauthorized users, programs, and other threats from entering a computer system or network. A typical firewall analyzes every packet of information that attempts to enter or exit a network or computer system. If the packet does not meet the specifications implemented by the firewall, the packet or connection is denied access. Several implementations of firewall techniques are provided through the use of a packet filter, a proxy server, an application, or a circuit gateway. For our test study focus, you should be aware that a software firewall is installed or located on a hard drive. For more protection from outside influences, you should also consider the use of data encryption.
There are many types of firewalls that can be implemented to protect inside information from outside sources. Some of the most common types of firewalls are:
Dual Homed Host. A dual homed host, sometimes referred to as multihomed, is a system with two NIC cards. One NIC card supports access to a private network, and one supports access to a public network. This acts as a filter, and is also known as a multihomed bastion host.
Packet Filter. Packet sniffing programs and network monitors can capture and analyze network packets coming into or going out of a network. A packet filtering firewall identifies good from bad packet information. The main fallback with most of the packet filtering programs available today is their inability to identify whether the packets were sent by a normal, innocent user or a threatening, vicious source.
Circuit Gateway. A circuit gateway operates at the session layer of the OSI reference model. It is essentially a packet filter that relays packets from one host to another based on protocol and IP address. A circuit gateway forms a sort of ‘tunnel’ through a firewall, allowing two specified hosts to interact.
Stateful Inspection Firewall. This type of firewall has the ability to remember detailed information about packets that have previously passed through them. Then, they are able to compare and analyze this information and decide whether to let certain packets through the firewall. In other words, a stateful firewall can compare incoming requests to outbound messages and see if there is a relationship between the two. If not, the firewall can block the incoming request. Stateful firewalls provide better overall analysis than most other firewall types, such as packet filters.
| < Day Day Up > |
|