Everyone needs a
firewall. Whether you run a web site, have a dial-up connection or control a
corporate backbone, you have to install a firewall. It lets you
control what internal information from your network or computer is
allowed to go out, and what information is allowed to come in. Even
a simple firewall installation can help you preserve your
data and report all attempts at unauthorized access.
A firewall is a device or system that separates two networks and
provides access control between them. A firewall operates according
to access control policies, or "rules". It is important to
understand what kind of access we want to allow or deny into our network;
otherwise a firewall will not really help. The security specialists who
manage the connectivity and administration of firewalls usually carry a
heavy responsibility.
Today we will review the concept of firewalls, gateways and routers.
Types of Firewalls
Firewalls vary in their security protection and defense approach.
Generally, they run on dedicated hosts or hardware devices that are
directly connected to different network segments. A connection to the
firewall is established each time a client wants to send data to a server
on the separated network.
The main technical distinction between firewalls is the mechanism that
they use to pass traffic from one segment to another. Lower-level
firewalls operate on the first layers of the OSI (Open Systems
Interconnection) model, which usually makes them faster, while higher-level
firewalls usually analyze more information about the connection, such as a
client connection to a specific site.
There are two types of firewalls. Network layer firewalls are commonly the
traditional, simple routers. They make their decisions based on the
source and destination addresses and ports of individual connections. These
firewalls are not able to make decisions about what the connection
contains and where it came from. Modern network layer firewalls now
maintain internal information about the state of the connection and where
it is coming from.
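
The difference between a traditional network layer filter and one that keeps connection state, shown as an added example that is not part of the original article. The rule set, addresses, class names and function names are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src_net: str
    dst_net: str
    dport: Optional[int]   # None matches any destination port

# Constructed policy: the inside network may reach web servers anywhere.
RULES = [Rule("allow", "10.0.0.0/24", "0.0.0.0/0", 80),
         Rule("allow", "10.0.0.0/24", "0.0.0.0/0", 443)]

def stateless_filter(pkt, rules=RULES):
    """Judge each packet alone: first matching rule wins, default deny."""
    for r in rules:
        if (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(r.src_net)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(r.dst_net)
                and r.dport in (None, pkt.dport)):
            return r.action
    return "deny"

class StatefulFilter:
    """Same rules, plus a table of connections the rules already allowed."""
    def __init__(self, rules=RULES):
        self.rules = rules
        self.connections = set()

    def check(self, pkt):
        # A reply is a recorded flow with source and destination swapped.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections:
            return "allow"
        action = stateless_filter(pkt, self.rules)
        if action == "allow":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return action

# Constructed sample packets (203.0.113.0/24 is a documentation range).
OUTBOUND = Packet("10.0.0.5", 40000, "203.0.113.10", 80)
REPLY = Packet("203.0.113.10", 80, "10.0.0.5", 40000)
UNSOLICITED = Packet("203.0.113.10", 80, "10.0.0.9", 40000)
```

The stateless filter drops the server's reply because no rule names it, while the stateful filter admits it only after seeing the matching outbound packet and still drops the unsolicited one.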
Application-level firewalls do not permit direct traffic between networks.
They perform logging and auditing functions on each connection that passes
through them. Proxy servers are commonly used to perform logging and
access control for applications between different networks. Application-level
firewalls are also commonly used as network address translators.
Applications use application-level firewalls to mask the origin of their
connection and transparently communicate with the separate network
segment.
Images and content are copyright to
Lindengrove 2003