0
11kviews
Explain different types of firewall with their advantages and pitfalls.

Subject: Advanced Network Technologies

Topic: Network Security

Difficulty: High

1 Answer
2
411views

A firewall is a hardware or software system that prevents unauthorized access to or from a network. It can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All data entering or leaving the intranet pass through the firewall, which examines each packet and blocks those that do not meet the specified security criteria. Firewalls are configured to protect against unauthenticated interactive logins from the outside world. This helps prevent hackers from logging into machines on your network.

Advantages

  1. They enforcing corporate security policies.
  2. Used to restrict access to specify services.

    3.Majority of firewalls can even provide selective access via authentication functionality.

    1. Firewalls are very good at altering appropriate people of specified events.

Disadvantages

Even if a firewall helps in keeping the network safe from intruders, but if a firewall is not used properly it would give a false impression to you that the network is safe. The main disadvantage of a firewall is that it cannot protect the network from attacks from the inside.

They often cannot protect against an insider attack.

Firewalls cannot protect a network or pc from viruses, Trojans, worms and spyware which spread through flash drives, potable hard disk and floppy etc.

They may restrict authorized users from accessing valuable services.

They do not protect against backdoor attacks.

They cannot protect the network if someone uses a broadband modem to access the internet

Packet Filtering Firewalls

Packet Filtering Firewalls are normally deployed on the Routers which connect the Internal Network to Internet. Packet Filtering Firewalls can only be implemented on the Network Layer of IOS Model.

Packet Filtering Firewalls work on the Basis of Rules defines by Access Control Lists. They check all the Packets and screen them against the rules defined by the Network Administrator as per the ACLs. If in case, any packet does not meet the criteria then that packet is dropped and Logs are updated about this information.

Administrators can create their ACLs on the basis Address, Protocols and Packet attributes.

Advantage:

The Biggest Advantage of Packet Filtering Firewalls is Cost and Lower Resource Usage and best suited for Smaller Networks.

Disadvantage:

Packet Filtering Firewalls can work only on the Network Layer and these Firewalls do not support Complex rule based models. And it’s also Vulnerable to Spoofing in some Cases.

Application Gateways

Application level gateways firewalls work on the Application layer of the OSI model and provide protection for a specific Application Layer Protocols. Proxy server is the best example of Application Level Gateways Firewalls.

Application level gateway would work only for the protocols which are configured. For example, if we install a web proxy based Firewall than it will only allow HTTP Protocol Data. They are supposed to understand application specific commands such as HTTP:GET and HTTP:POST as they are deployed on the Application Layer, for a Specific Protocol.

Application level firewalls can also be configured as Caching Servers which in turn increase the network performance and makes it easier to log traffic.

Advantages:

Application inspection firewalls can prevent more kinds of attacks than stateful firewalls can. For example, application inspection firewalls can stop an attacker from trying to set up a virtual private network (VPN) tunnel (triggered from inside the network) through an application firewall by way of tunneled HTTP requests.

Circuit Level Gateways

Circuit level gateways firewalls are deployed at the Session layer of the OSI model and they monitor sessions like TCP three way handshake to see whether a requested connection is legitimate or not.

Major Screening happens before the Connection is established. Information sent to a Computer outside the network through a circuit level gateway appears to have originated from the Gateway. This helps in creating a stealth cover for the private network from outsiders.

Advantage:

Circuit level gateways are comparatively inexpensive and provide Anonymity to the private network.

Disadvantage:

Circuit level Gateways do not filter Individual Packets. After Establishing a Connection, an Attacker may take advantage of this.

Stateful multilayer Inspection Firewall

it is a combination of all the firewalls that we have studied till now. They can filter packets at Network layer using ACLs, check for legitimate sessions on the Session Layers and they also evaluate packets on the Application layer (ALG).

Advantages: Stateful Multilayer Inspection Firewall can work on a transparent mode allowing direct connections between the client and the server which was earlier not possible. It can also implement algorithms and complex security models which are protocol specific, making the connections and data transfer more secure

Please log in to add an answer.