Firewalls – Network Security

In this article we will discuss Firewalls – Network Security, will make brief discussion on Firewalls – Network Security, In last article we discuss about Authentication, Authorization, and Accounting (AAA).

A firewall is one of the most effective security tools available for protecting users from external threats. Network firewalls reside between two or more networks, control the traffic between them, and help prevent unauthorized access.

Host-based firewalls or personal firewalls are installed on end systems. Firewall products use various techniques for determining what is permitted or denied access to a network. These techniques are:

Cisco Security Appliances

Dedicated firewall devices are specialized computers that do not have peripherals or hard drives. Appliance-based firewalls can inspect traffic faster and are less prone to failure.

Server-Based

Most home integrated routers have built-in basic firewall capabilities that support packet, application, and web site filtering. Higher-end routers that run special operating systems like Cisco Internet-work Operating System (IOS) also have firewall capabilities that can be configured.

Personal Firewall

Firewall applications that generally provide a solution that combines an SPI firewall and access control based on IP address or application. Server-based firewalls can be less secure than dedicated, appliance-based firewalls because of the security weaknesses of the general purpose OS.

  • Packet filtering – Prevents or allows access based on IP or MAC addresses
  • Application filtering – Prevents or allows access by specific application types based on port numbers
  • URL filtering – Prevents or allows access to websites based on specific URLs or keywords
  • Stateful packet inspection (SPI) – Incoming packets must be legitimate responses to requests from internal hosts. Unsolicited packets are blocked unless permitted specifically. SPI can also include the capability to recognize and filter out specific types of attacks, such as denial of service (DoS)

Firewall products may support one or more of these filtering capabilities. Firewall products come packaged in various forms.

Add a Comment

Your email address will not be published. Required fields are marked *