What is a firewall?
A firewall is a network security system that establishes a barrier between an internal network and an outside network and monitors and controls network traffic based on some predetermined security rules. A firewall is designed to prevent unauthorized access to and from the private network, thus making the internal private network more trusted and secure.
Firewalls can be either network firewalls or host-based firewalls. Network firewalls are software appliances that run on hardware-based firewall appliances and filter the traffic of the internal network. Host-based firewalls, on the other hand, provide a layer of software that controls the traffic of a single machine.
What are the different types of firewalls?
There are mainly three different types of firewalls based on network communications.
- Packet Filters
- Application Layer Firewalls
- Proxy Servers
Packet Filters
Packet Filters monitor each packet entering or leaving the network and accept or reject it based on some predefined rules. These filters can be stateful or stateless.
Stateful packet filters maintain context about active sessions and can accept or reject packets based on source and destination IP address, TCP or UDP ports, the current stage of the connection’s lifetime, etc.
Stateless packet filters, on the other hand, do not maintain any context of the current session, so they require less memory and are relatively faster. They cannot, however, make more complex decisions about the acceptance or rejection of packets. Interested readers may find the following links helpful: Evolution of Firewall – from Packet Filters to Next Generation Firewall and What is Next Generation Firewall (NGFW)?
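The difference between the two kinds of packet filter, shown as an added example that is not part of the original article: the same constructed traffic is run through a stateless rule set and a stateful session table. The addresses, ports, the rule "allow outbound HTTPS and its replies" and the simplified teardown on RST are all assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet model; all addresses and ports below are sample values.
Packet = namedtuple("Packet", "src sport dst dport flags")

def is_internal(ip):
    return ip.startswith("10.0.0.")  # assumed internal network prefix

def stateless_filter(pkt):
    """Decide from this packet's headers alone; nothing is remembered."""
    if is_internal(pkt.src) and pkt.dport == 443:
        return "accept"  # outbound HTTPS
    if is_internal(pkt.dst) and pkt.sport == 443:
        return "accept"  # looks like a reply, but that cannot be checked
    return "reject"

class StatefulFilter:
    """Keep a table of active sessions and consult it for every packet."""
    def __init__(self):
        self.sessions = set()

    def check(self, pkt):
        forward = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if is_internal(pkt.src) and pkt.dport == 443 and pkt.flags == "SYN":
            self.sessions.add(forward)  # new outbound connection
            return "accept"
        # Anything else must belong to a session already in the table.
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        for key in (forward, reverse):
            if key in self.sessions:
                if "RST" in pkt.flags:
                    self.sessions.discard(key)  # connection torn down
                return "accept"
        return "reject"

TRACE = [  # constructed sample traffic
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),      # client opens
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SYN,ACK"),  # server reply
    Packet("198.51.100.7", 443, "10.0.0.8", 8080, "ACK"),       # no session
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "RST"),      # teardown
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "ACK"),      # after teardown
]

def run_trace(trace=TRACE):
    stateful = StatefulFilter()
    return ([stateless_filter(p) for p in trace],
            [stateful.check(p) for p in trace])

if __name__ == "__main__":
    for pkt, sl, sf in zip(TRACE, *run_trace()):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} [{pkt.flags}] "
              f"stateless={sl} stateful={sf}")
```

The stateless rules accept every packet in the trace because each one matches a header pattern, while the stateful filter rejects the packet that belongs to no session and the one that arrives after the session was closed.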
Application Layer Firewalls
This type of firewall works on the application layer of the TCP/IP stack and inspects all packets traveling to or from an application. It can monitor certain application layer protocols and prevent computer worms or trojans.
Application layer firewalls often hook into the socket calls to monitor the packets, so they are also called socket filters. This type of firewall is much like packet filters but applies filtering rules …