THINGS YOU NEED TO KNOW ABOUT FIREWALL part-1
We often come across the word "FIREWALL", so what is it and how does it work?
WHAT IS A FIREWALL?
It is the hardware/software installed between the internal computers of the organization and the rest of the network. It is designed to filter packets and allow only some packets through.
TYPES OF FIREWALLS?
1. PACKET FILTERING ROUTERS
- First generation of firewall invented
- Works on the IP layer of TCP/IP
Packet filters work by applying a set of rules to each incoming or outgoing packet. The rules are defined based on the network security policy of the enterprise. According to this set of rules, the firewall can forward or drop the packet. A packet filtering router is able to filter IP packets based on the following:
Source IP address
Destination IP address
TCP/UDP source port
TCP/UDP destination port
Packet filters work well for blocking spoofed packets. They can also be used to:
Block connections from specific hosts or networks
Block connections to specific hosts or networks
Block connections to specific ports
Block connections from specific ports
THERE ARE THREE TYPES OF PACKET FILTERING FIREWALL
1. Static Filtering
2. Dynamic Filtering
3. Stateful inspection
Static Filtering
It is one of the oldest firewall architectures and it operates in the network layer. The administrator can define rules for which packets are accepted and which packets are denied. The static filter will scan the IP header data and TCP header data.
Advantages of Static Filtering
Low impact on network performance.
Low cost; included in many operating systems.
Disadvantages of Static Filtering
Because it operates in the network layer it examines only the IP header and TCP header.
It is not aware of the packet payload.
Offers low level of protection.
Dynamic Filtering
Dynamic filtering works on the network layer. These firewalls are the most common sort of firewall technology. The decision to deny or allow the packet is based on examination of the IP and protocol headers. A dynamic filter can differentiate between a new and an established connection. After a connection is established, its information is kept in a table in the router.
Advantages of Dynamic Filtering
Lowest impact on network performance
Low cost
Because it can differentiate between a new and an established connection it increases performance.
Disadvantages of Dynamic Filtering
Because it operates in the network layer it examines only the IP header and TCP header.
Provides a low level of protection.
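An added example (not from the original post) contrasting static and dynamic filtering: the static filter checks each packet's header fields against the rule list, while the dynamic filter also keeps a connection table so that replies to an already allowed connection are accepted. The Packet, Rule, static_filter and DynamicFilter names, the addresses and the rules are constructed for illustration; a real filter would also track protocol, TCP flags and timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    src: str = "0.0.0.0/0"   # source network, default any
    dst: str = "0.0.0.0/0"   # destination network, default any
    sport: int = 0           # 0 means any source port
    dport: int = 0           # 0 means any destination port

    def matches(self, p):
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.sport in (0, p.sport)
                and self.dport in (0, p.dport))

def static_filter(rules, p):
    """Header-only check: first matching rule wins, unmatched packets are dropped."""
    return next((r.action for r in rules if r.matches(p)), "deny")

class DynamicFilter:
    """Static rules plus a table of connections that were already allowed."""
    def __init__(self, rules):
        self.rules, self.table = rules, set()

    def check(self, p):
        flow = (p.src, p.sport, p.dst, p.dport)
        reverse = (p.dst, p.dport, p.src, p.sport)
        if flow in self.table or reverse in self.table:
            return "allow"               # established: skip the rule scan
        verdict = static_filter(self.rules, p)
        if verdict == "allow":
            self.table.add(flow)         # remember the new connection
        return verdict

# Constructed sample policy: block one outside host, let the LAN reach port 443.
RULES = [Rule("deny", src="203.0.113.66/32"),
         Rule("allow", src="10.0.0.0/24", dport=443)]

if __name__ == "__main__":
    fw = DynamicFilter(RULES)
    out = Packet("10.0.0.5", 50000, "198.51.100.10", 443)
    reply = Packet("198.51.100.10", 443, "10.0.0.5", 50000)
    print(static_filter(RULES, reply), fw.check(out), fw.check(reply))
```

With the static rules alone, the reply from port 443 is dropped unless a rule admits every packet with that source port; the connection table admits only the reply to the recorded connection.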
Stateful Inspection
Stateful inspection is a technology that is similar to dynamic filtering, with the addition of more granular examination of data contained in the IP packet.
Advantages of using firewalls based on packet filtering
Low cost.
Packet filters make use of current network routers.
Makes Security Transparent to End-Users.
Easy to install.
Packet filters make use of current network routers. Therefore implementing a packet filter security system is typically less complicated than other network security solutions.
High speed
Packet filters are generally faster than other firewall technologies because they perform fewer evaluations.
Disadvantages of using firewalls based on packet filtering
Packet filters do not understand application layer protocols.
Packet filters do not offer any value-added features, such as HTTP object caching, URL filtering, and authentication, because they do not understand the protocols being used.
Packet filtering routers are not very secure.
Can’t discriminate between good and bad packets.
New rules may need to be added if an employee has special requirements to connect to the internet.
Difficulty of setting up packet filtering rules to the router
There isn’t any sort of user based Authentication.
Packet filters cannot authenticate information coming from a specific user.
IN PART-2 I WILL BE COVERING CIRCUIT LEVEL GATEWAYS(2nd generation of firewalls).
STAY TUNED!