Depending upon network and applications requirements firewall can be classified as
- Free firewall
- Software firewall
- Hardware firewall.
According to National Institute of Standard and Technology ,firewall can be divided into :
Five basic types of firewall :
– Packet filters
– States ful inspection
– Proxy
– Dynamic
– Kernel
According to International standard organization ISO and open system inter connect :
Firewalls can be classified as networking firewall and applications layer firewall.
1. Network layer firewall :
As the name indicates Network layer firewall is based on source address ,destination and IP Packets . A network layer firewall works via packet filter by deciding what protocols can be passed within thin the network i.e they rout the traffic between them. According to protocols defined by network administrator.
A simple router which routes t the network traffic is the traditional example of network layer firewall. Network layer firewall is very fast and used by normal users.
2. Application layer firewall :
Application layer firewalls can be used as network address translators, since traffic goes in one side and out the other, after having passed through an application that effectively masks the origin of the initiating connection. Application layer firewall is also used as proxy level firewall, generally running proxy servers.
Which monitors traffic passage and restricts direct access control .
Application layer firewalls improve the overall security of the application infrastructure by preventing attacks that are likely to cause a service outage or cause structural damage to data sources. Application layer firewalls are generally remotely update able, which allows them to prevent newly discovered vulnerabilities.
3. Proxy firewall :
This type of firewall offers security across networks by looking at content And Restrict Access To Non-work Related Sites & Get benefits. . Other security features, such as data encryption and authentication, can be added.
In proxy firewall every packer is stopped at firewall .The packet is then examined and compared to the protocols or rules configured into the firewall. If the packet passes the examinations, it is re-created and sent out.
Because each packet is destroyed and re-created, there is a potential that an application-proxy firewall can prevent unknown attacks based upon weaknesses in the TCP/IP protocol suite that would not be prevented by a packet filtering firewall.
4. Packet level filtering Firewall :
Packet filtering is the most common and basic firewall mwthod.when a packet filter firewall receives a packet from the Internet, it checks information held in the IP Address in the header of the packet and checks it against a table of access control rules to determine whether or not the packet is acceptable. Packet filtering fire wall modelo operated on layer 3 of OSI model . Routeres are the most common form packert filtering model .
One method of getting around a packet filter firewall is known as ,IP spoofing in which hackers adopt the IP address of a trusted source, thereby fooling the firewall into thinking that the packets from the hacker are actually from a trusted source.
The second fundamental problem with packet filter firewalls is that they allow a direct connection between source and destination computers. As a result, once an initial connection has been approved by the firewall, the source computer is connected directly to the destination computer, thereby potentially exposing the destination computer and all the computers to which it is connected to attack.
In packet filtering firewall five characteristic are
examined :
– Source IP address
– Source port
– Destination IP address
– Destination port
– IP protocol .
5. Network Address translation :
An Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.serves as a firewall by keeping individual IP addresses hidden from the outside world. Similar to a proxy server, Network Address Translation acts as an intermediary between a group of computers and the Internet.
NAT converts the address of each computer and device on a LAN into one IP address for the Internet and vice versa. As a result, people scanning the Internet for addresses cannot identify the computers on the network or capture any details of their location, IP address, etc
NAT serves three main purpose :
– Provides a type of firewall by hiding internal IP addresses.
– Enables a company to use more internal IP addresses. Since they’re used internally only, there’s no possibility of conflict with IP addresses used by other companies and organizations.
– Allows a company to combine multiple ISDN connections into a single Internet connection.
Tips for Selecting Firewalls :
Firewall applications vary in sophistication and cost. For the small office or home user, the easiest and least expensive firewall solutions are personal firewalls, which are software programs that install on your computer. When selecting firewalls, the following considerations should be taken into account:
– Ease of installation/configuration.
– Does the firewall run without user intervention?
Are there parameters that have to be set, and is it easy to do?
– Is there online help or technical support available?
Does the firewall provide audit reports identifying time, location and type of attack?
– Is the cost of the firewall appropriate to the size of your business/office?
– Are maintenance/ monitoring requirements suitable for the size and type of business?
– What will be the training requirements for the firewall? Will the firewall have a significant impact on the operation of the system as a
1 user commented in " Different Types of Firewall Security "
Follow-up comment rss or Leave a Trackbackfirewall…
Maybe, but I’m not sure it’for everyone….
Leave A Reply