A firewall is a device (either software or hardware) installed
between an internal network and the Internet. The primary objective of the firewall
is to control incoming and outgoing packets and decide whether each packet
is allowed or not. That is, the firewall forwards some packets and filters
(does not forward) others. Firewalls are categorized into packet filter
firewalls and proxy filter firewalls.
Packet Filter Firewall
Packet filter firewalls use network and transport layer
headers (source and destination IP addresses, source and destination port
addresses, and the protocol used, TCP or UDP) to determine whether a packet is forwarded
or blocked. A packet filter firewall filters at the network or transport layer. These firewalls use filter
tables to make decisions. The following figure shows a filter table.
| Interface | Source IP | Source port | Destination IP | Destination port |
|---|---|---|---|---|
| 1 | 15.153.126.32 | * | * | * |
| 1 | * | * | 150.127.125.10 | * |
| 1 | * | * | * | 50 |
| 2 | * | 80 | * | * |
The asterisk (*) means any.
From the table:
- All packets from 15.153.126.32 are blocked, regardless of source port, destination port and destination address.
- Incoming packets with destination address 150.127.125.10 are blocked.
- Incoming packets with destination port 50 are blocked.
- Internal network users are not able to browse the Internet using HTTP, because outgoing packets with port address 80 are blocked.
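The four rules in the list above, evaluated row by row against constructed packets; this is an added example, not code from the original page. It assumes interface 1 faces the Internet and interface 2 the internal network, that the port 80 of the last rule is matched as the destination port (the list's reading of outgoing HTTP), and that a packet matching no row is forwarded.

```python
from ipaddress import ip_address
from typing import NamedTuple, Optional
ANY = "*"  # the table's wildcard

class Packet(NamedTuple):
    interface: int  # assumption: 1 = Internet side (incoming), 2 = internal side (outgoing)
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

# Block rules in list order: interface, src IP, src port, dst IP, dst port.
RULES = [
    (1, "15.153.126.32", ANY, ANY, ANY),
    (1, ANY, ANY, "150.127.125.10", ANY),
    (1, ANY, ANY, ANY, 50),
    (2, ANY, ANY, ANY, 80),  # assumption: 80 is the destination port (outgoing HTTP)
]

def field_matches(rule_value, packet_value) -> bool:
    if rule_value == ANY:
        return True
    if isinstance(rule_value, str):  # IP address: compare parsed values, not text
        return ip_address(rule_value) == ip_address(packet_value)
    return rule_value == packet_value  # interface or port number

def matching_rule(packet: Packet) -> Optional[int]:
    """Return the 1-based number of the first rule that blocks the packet, else None."""
    for number, rule in enumerate(RULES, start=1):
        if all(field_matches(r, p) for r, p in zip(rule, packet)):
            return number
    return None  # assumption: a packet that matches no row is forwarded

def decide(packet: Packet) -> str:
    return "forward" if matching_rule(packet) is None else "block"

# Constructed sample packets; addresses outside the table are documentation ranges.
SAMPLES = [
    Packet(1, "15.153.126.32", 40000, "192.0.2.10", 443),    # rule 1
    Packet(1, "198.51.100.7", 40001, "150.127.125.10", 25),  # rule 2
    Packet(1, "198.51.100.7", 40002, "192.0.2.10", 50),      # rule 3
    Packet(2, "192.0.2.10", 40003, "198.51.100.7", 80),      # rule 4
    Packet(2, "192.0.2.10", 40004, "198.51.100.7", 443),     # no rule: forwarded
    Packet(2, "192.0.2.10", 40005, "15.153.126.32", 443),    # rule 1 is interface 1 only
]

if __name__ == "__main__":
    for packet in SAMPLES:
        print(decide(packet), matching_rule(packet), packet)
```

The last sample shows that the first row only covers packets arriving on interface 1 from that address; a packet sent to the same address from inside matches no row.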
Proxy Filter Firewall
A proxy firewall filters at the application layer. Proxy filter
firewalls are used to filter packets based on their content at the application layer.
Figure: Proxy filter firewall
The above figure depicts a sample scenario of a proxy filter
firewall. When a packet arrives at the firewall, the firewall processes it at the application
layer and decides whether to forward or discard it.
First generation firewalls are packet filters. Second generation
firewalls are also packet filters, but they include some mechanism to manage
state. Proxy filter firewalls, or application layer firewalls, belong to the
third generation of firewalls.
Thank you for sharing this post. I found it very informative and helpful. You seem to have a solid grasp on firewalls and how they work. My business computers were being inflicted with viruses and spyware. It was really impacting my ability to run my business. I then invested in a small business firewall and my computer issues were quickly eradicated and my business got back to running smoothly.