Meaning:
- Two of the most popular and important tools used to secure networks are firewalls and proxy server network
- The basic function of a firewall is to screen network traffic for the purposes of preventing unauthorized access between computer networks.
- Proxy services can be provided directly by the firewall or on a separate host working in a conjunction with the firewall.
- Firewalls comes in many different shapes and sizes and sometimes firewall is actually a collection of several computers.
- A firewall can be a router a PC, a purpose built machine or a collection of hosts that is set up specifically to shield a private network from protocols and services.
Firewalls must have following attributes
a) All communications must have through the firewall
b) The firewall permits only traffic that is authorized
c) The firewall can withstand attacks upon itself.
Firewalls strengths / capabilities
- They are excellent at enforcing corporate security policies
- They are used to restrict access to specify services
- The majority of firewalls can even provide selective access via authentication functionality
- Firewalls are singular in purpose and do not need to be made between security and usability
- They are excellent auditors
- Firewalls are very good at altering appropriate people of specified events.
Firewalls weakness / limitations
- Firewalls cannot protect against what has been authorized
- It cannot stop social engineering attacks or an unauthorized user intentionally using their access for unwanted purposes
- Firewalls cannot fix poor administrative practices or poorly designed security policies
- It cannot stop attacks if the traffic does not pass through them
- They are only as effective as the rules they are configured to enforce.
The four main firewalls technologies available are:
- Packet Filters
- Application gateways
- Circuit-level gateways
Stateful packet inspection engines
Packet Filtering Firewalls
- They provide network security by filtering network communication based on the information contained in TCP/IP headers of each packet
- Advantages:
- Good performance
- Cost-effective
- Transparency
- Good for traffic management
- Disadvantages:
- Directed connectionless permitted
- Poor scalability
- Large port range may be opened
- Vulnerability to spoofing attacks
Application Gateways
- An application gateway makes access decisions based on packet information at all seven layers of OSI model
- Advantages:
- Application gateways provide a higher level of security that packet filters do but they as the loss of transparency to the services that are being controlled
- Application gateways can be used to protect vulnerable services to the protected systems
- Disadvantages
- Slower Performance
- Lack of performance
- Need for proxies for each application
Circuit Level Gateways
- Circuit-level gateways are similar to application gateways but they are not application aware.
- A circuit level gateway operates by relaying TCP connections from the trusted network to the untrusted network
- Advantages: The main advantage of a circuit level gateway over an application gateway is that it provides services for many different protocols and - Disadvantages: Clients must be able to use them and they cannot inspect application layer
Stateful Packet Inspection (SPI) Firewalls
- A SPI firewall permits and denies packets based on a set of rules very that similar to packet filter.
- They track the state of each session and can dynamically open and close ports
- SPI firewalls were deployed to combine the speed and flexibility of packet filters with application level security of application proxies
- Advantages:
- They can differentiate between valid and faked ACK packets
- Ability to look inti the data of certain packet types
- The disadvantages of SPI firewall it permits direct connections between untrusted and trusted hosts.
and 3 others joined a min ago.
teamques10
★ 64k