Firewalls
Homework Assignment I
Spring 2013
Define, research and write an overview of the following:
Packet filtering firewalls
• OSI layers they work at
• Advantages
• Disadvantages
• Network location placements
Overview of Packet filtering Firewalls
A packet-filtering firewall is a software or hardware firewall, router and/or appliance based, that is configured to monitor incoming and outgoing packets. It checks the information contained in each packet's TCP and IP headers and accepts or denies the packet on that basis. Most packet-filtering firewalls forward or deny a packet based on the packet's full association, which consists of the source address, the destination address, the application or protocol, the source port number and the destination port number. A packet-filtering firewall primarily operates only at the network layer, or layer 3, of the OSI model.
Advantages:
• Low cost and low impact on network performance
• Speed
• Simplicity
• Flexibility
• By prohibiting connections between specific Internet sources and internal computers, a single rule in packet filtering can help protect an entire network
• Can be used to shield internal IP addresses from external users when used in conjunction with network address translation
Disadvantages:
• Packet filter firewalls are less secure than application level firewalls because the packet filtering firewalls do not understand application layer protocols.
• Packet filters do not inspect the payload of the packet.
• Packet filtering firewalls cannot restrict access to protocol subsets for even the most basic services, such as the PUT and GET commands in FTP.
• Packet filters are stateless, since they do not keep application level information or information about a session.
• Packet filters have little or no audit event generation and alerting mechanisms.
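The following sketch is an added example, not part of the original assignment. It shows first-match filtering on the full association described above, and why such a filter cannot tell an FTP GET from a PUT. The names Packet, Rule, filter_packet and RULES are hypothetical, and the addresses are constructed from documentation ranges.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY_PORT = range(0, 65536)

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int
    payload: bytes = b""  # carried along, never read by the filter

@dataclass(frozen=True)
class Rule:
    action: str               # "accept" or "deny"
    src: str                  # source network in CIDR form
    dst: str                  # destination network in CIDR form
    proto: str = "any"
    sport: range = ANY_PORT
    dport: range = ANY_PORT

def matches(rule, pkt):
    """Compare only the five header fields of the full association."""
    return (ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and rule.proto in ("any", pkt.proto)
            and pkt.sport in rule.sport
            and pkt.dport in rule.dport)

def filter_packet(rules, pkt):
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

# Constructed rule set: block one outside network, allow FTP control to one server.
RULES = [
    Rule("deny", "203.0.113.0/24", "0.0.0.0/0"),
    Rule("accept", "0.0.0.0/0", "192.0.2.10/32", "tcp", dport=range(21, 22)),
]

def demo():
    # An FTP client's get and put travel as RETR and STOR on the control channel.
    get = Packet("198.51.100.7", "192.0.2.10", "tcp", 40000, 21, b"RETR a.txt\r\n")
    put = Packet("198.51.100.7", "192.0.2.10", "tcp", 40000, 21, b"STOR a.txt\r\n")
    blocked = Packet("203.0.113.5", "192.0.2.10", "tcp", 40000, 21)
    telnet = Packet("198.51.100.7", "192.0.2.10", "tcp", 40000, 23)
    return [filter_packet(RULES, p) for p in (get, put, blocked, telnet)]
```

The GET and PUT packets receive the same verdict because their headers are identical. Separating them would require reading the payload, which a packet filter does not do.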
Stateful firewalls
Overview
The “stateful” firewall provides protection