Que: What are the Basic Types of Firewall? or Explain types of Firewall in detail
Ans:
1) Packet filtering firewall:-
Ø A packet filtering firewall applies a set of rules to each incoming and outgoing IP packet and then forwards or discards the packet.
Ø The firewall is typically configured to filter packets going in both directions.
Ø Filtering rules are based on information contained in network packets:
· Source IP address:-
o IP address of the originating system.
· Destination IP address:-
o IP address of the system the packet is trying to reach.
· Source and destination port:-
o It defines applications such as SNMP or telnet etc.
o Transport-level port number.
· IP protocol field:
o Defines the transport protocol. Example: TCP, UDP
· Interface:
o Which interface the packet is coming from or which interface it is destined for.
Ø Packet filtering is typically set up as a list of rules based on matches to fields in the IP or TCP header.
Ø If there is a match to one of the rules, that rule is invoked to determine whether to forward or discard the packet.
Ø Packet filtering often doesn't require a separate firewall because it is included in most TCP/IP routers at no extra charge.
There are two types of packet filtering firewalls:
Basic packet filtering:-
Ø It involves looking at packets (their ports, protocols, source and destination addresses) and checking that information against the rules configured on the firewall.
Ø For example, telnet and FTP connections may be prohibited from being established to a mail or database server, but they may be allowed for the respective service servers.
Ø It is a simple method of filtering based on information in each packet header, such as IP address and TCP/UDP ports.
Ø It will not detect and catch all undesired packets, but it is fast and efficient.
Stateful packet filtering:-
Ø It means that the firewall maintains context on a conversation.
Ø This means it will look at all packets.
Ø Traffic from an outside server to an inside server may be allowed if it is requested but blocked if it is not.
Ø Example: a request for a web page.
Ø Advanced firewalls employ stateful packet filtering to prevent several types of undesired communication.
Ø The disadvantage is that this type of monitoring takes significant resources and processing, reduces efficiency, and requires more robust and expensive hardware.
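The two filtering modes described above, side by side, as an added example that is not part of the original notes: a first-match rule list over the header fields listed earlier, and a stateful wrapper that forwards outside traffic only when an inside host requested it. The addresses, rule list and class names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "inside" or "outside"
    proto: str   # IP protocol field: "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int

# Constructed rule list: (action, iface, proto, source net, destination net, dest port).
# None is a wildcard; 10.0.0.25 stands in for a mail server (assumed address).
ANY = "0.0.0.0/0"
RULES = [
    ("discard", "outside", "tcp", ANY, "10.0.0.25/32", 23),  # no telnet to the mail server
    ("discard", "outside", "tcp", ANY, "10.0.0.25/32", 21),  # no FTP to the mail server
    ("forward", "outside", "tcp", ANY, "10.0.0.25/32", 25),  # SMTP to the mail server
    ("forward", "inside", None, "10.0.0.0/24", ANY, None),   # inside hosts may go out
    ("discard", None, None, ANY, ANY, None),                 # default: discard
]

def basic_filter(pkt):
    """Basic packet filtering: the first rule whose fields all match decides."""
    for action, iface, proto, src, dst, dport in RULES:
        if (iface in (None, pkt.iface) and proto in (None, pkt.proto)
                and ip_address(pkt.src) in ip_network(src)
                and ip_address(pkt.dst) in ip_network(dst)
                and dport in (None, pkt.dport)):
            return action
    return "discard"

class StatefulFilter:
    """Stateful filtering: remembers conversations opened from the inside."""
    def __init__(self):
        self.requested = set()

    def check(self, pkt):
        reply_key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if pkt.iface == "outside" and reply_key in self.requested:
            return "forward"          # traffic that an inside host asked for
        action = basic_filter(pkt)
        if action == "forward" and pkt.iface == "inside":
            self.requested.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return action
```

The per-connection set is the extra state that costs memory and processing; the basic filter keeps nothing between packets.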
Advantages:
Ø Packet filters can be easy to implement.
Ø Simple working method compared to circuit gateway and application proxy.
Ø Cost effective because no additional hardware is required.
Ø Packet filtering also provides little defense against man-in-the-middle attacks.
Ø Filtration is done at very high speed.
Disadvantages:
Ø ACK packet-based attacks are possible.
Ø Filters are based on IP addresses (network layer), not on application layers.
Ø Fragmented packets cannot be analyzed by a packet-filtering firewall, so the firewall allows them through, where they are assembled at the destination host.
Ø Lack of remote administration facilities that can save considerable time and effort.
Ø The process of creating and updating filtering rules is prone to logic errors.
2) Application Proxy:-
Ø The application proxy is the most complex and secure firewall among all the firewall architectures.
Ø The application proxy examines the network header, the transport header, and the application header of a packet.
Ø The application proxy examines the data payload at the application layer; it severs the connection between the outside and the inside host.
Ø It establishes two separate connections: a connection between the outside host and itself, and another connection between itself and the inside host.
Ø The client attempting the connection is never directly connected to the destination.
Ø It also interprets the intended action of every data packet.
Ø If the action is not legal according to the security policy of the firewall, the packet is dropped.
Ø However, if the action is found to be legal, the application proxy reconstructs a new data packet according to the intentions of the original.
Ø Only the data which is found acceptable to the application proxy is copied from the original packet to the new packet constructed by the proxy.
Ø After the recreation, the new packet is sent to the host inside the firewall while the original packet is simply dropped.
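The inspect-and-rebuild step described above, as an added example that is not part of the original notes. It assumes the proxied application protocol is HTTP; the policy sets, the host name intranet.example and the function name are constructed for illustration. The function returns the new message to send on the proxy's own inside connection, or None when the original is dropped.

```python
# Constructed security policy (assumption): read-only methods, a few headers, one inside host.
ALLOWED_METHODS = {"GET", "HEAD"}
ALLOWED_HEADERS = {"host", "accept", "user-agent"}
ALLOWED_HOSTS = {"intranet.example"}

def proxy_rebuild(raw: bytes):
    """Interpret an outside client's request and build a fresh one for the inside host."""
    try:
        head = raw.split(b"\r\n\r\n", 1)[0].decode("ascii")
        request_line, *header_lines = head.split("\r\n")
        method, path, version = request_line.split(" ")
    except (UnicodeDecodeError, ValueError):
        return None                     # not a well-formed request: drop
    # Stray control characters (bare CR/LF, NUL) could smuggle extra header lines.
    if any(ord(c) < 32 for c in head.replace("\r\n", "")):
        return None
    # Is the intended action legal under the policy?
    if method not in ALLOWED_METHODS or version != "HTTP/1.1":
        return None
    if not path.startswith("/") or ".." in path:
        return None
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if not sep:
            return None                 # malformed header line: drop
        name = name.strip().lower()
        if name in ALLOWED_HEADERS:     # copy only the acceptable data
            headers[name] = value.strip()
    if headers.get("host") not in ALLOWED_HOSTS:
        return None
    # Build a new message from the validated pieces; the original bytes are
    # never forwarded, and anything after the header block is discarded.
    lines = [f"{method} {path} HTTP/1.1"]
    lines += [f"{k}: {v}" for k, v in sorted(headers.items())]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")
```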
Advantages:-
Ø The application proxy is the most secure firewall among all other firewall architectures.
Ø Protects all hosts inside the firewall from almost all attacks.
Ø An application proxy has the capability to identify users and applications.
Ø This identification can enable more secure user authentication.
Disadvantage:-
Ø An application proxy requires more processing of the packets, leading to lower performance.
Ø This is also the most expensive and complex firewall.
Ø The examination at the application layer greatly increases the latency of each packet.
2 comments
Sir, please put email security material also
for email security (encryption) please follow this link
http://cm-material.blogspot.in/2014/11/e-mail-encryption-in-detail.html