Firewall
– Types of firewalls
– Firewall configurations
Firewall Characteristics
1. All traffic from inside to outside, and vice versa, must pass
be allowed to pass.
firewall.
programs or files.
the firewall to scan all incoming files, e-mail, and messages for viruses.
Types of Firewalls
1. Packet filters
2. Application-level gateways
3. Circuit-level gateways
Packet-Filtering Router
• Interface: For a router with three or more ports, which interface of the
router the packet came from or which interface of the router the packet is
destined for.
If there is a match to one of the rules, that rule is invoked
to determine whether to forward or discard the packet. If
there is no match to any rule, then a default action is taken.
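The first-match evaluation and default action described above, as an added example that is not part of the original slides. The rule fields other than the interface, the addresses, and the three-port router layout are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

FORWARD, DISCARD = "forward", "discard"

@dataclass(frozen=True)
class Rule:
    action: str
    in_iface: str = "*"          # interface the packet arrived on ("*" = any)
    src: str = "0.0.0.0/0"       # source network (assumed field)
    dst: str = "0.0.0.0/0"       # destination network (assumed field)
    proto: str = "*"             # transport protocol (assumed field)
    dport: Optional[int] = None  # destination port, None = any (assumed field)

    def matches(self, pkt: dict) -> bool:
        return (
            self.in_iface in ("*", pkt["in_iface"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
            and self.proto in ("*", pkt["proto"])
            and self.dport in (None, pkt["dport"])
        )

def filter_packet(rules, pkt, default):
    """Return (action, matching rule index); index is None when the default applied."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):   # first matching rule decides, later rules are ignored
            return rule.action, i
    return default, None

# Constructed rule set for a router with "outside" and "inside" interfaces.
RULES = [
    # Internal source address arriving on the outside interface: spoofed, drop it.
    Rule(DISCARD, in_iface="outside", src="192.168.0.0/16"),
    # Inbound mail to one designated host.
    Rule(FORWARD, in_iface="outside", dst="203.0.113.10/32", proto="tcp", dport=25),
    # Outbound HTTPS from the internal network.
    Rule(FORWARD, in_iface="inside", src="192.168.1.0/24", proto="tcp", dport=443),
]

# Constructed sample packets.
SMTP_IN = dict(in_iface="outside", src="198.51.100.7", dst="203.0.113.10", proto="tcp", dport=25)
SPOOFED = dict(in_iface="outside", src="192.168.1.5", dst="203.0.113.10", proto="tcp", dport=25)
TELNET_IN = dict(in_iface="outside", src="198.51.100.7", dst="203.0.113.10", proto="tcp", dport=23)

if __name__ == "__main__":
    for name, pkt in [("smtp", SMTP_IN), ("spoofed", SPOOFED), ("telnet", TELNET_IN)]:
        for default in (DISCARD, FORWARD):
            print(name, "default=" + default, filter_packet(RULES, pkt, default))
```

The spoofed packet would also satisfy the mail rule, but the earlier anti-spoofing rule wins because evaluation stops at the first match. The Telnet packet matches no rule, so its fate depends entirely on the default action.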
Two default policies are possible:
gateway asks the user for the name of the remote host to be accessed.
the remote host and relays TCP segments containing the application data
• Each proxy service may require its own authentication before granting user
access.
systems.
A. For traffic from the Internet, only IP packets destined for the bastion host are
allowed in.
B. For traffic from the internal network, only IP packets from the bastion host are
allowed out.
• Second, an intruder must generally penetrate two separate systems before the security of the
Firewall Configurations
• This configuration also affords flexibility in providing
direct Internet access.
– For example, the internal network may include a public information
server, such as a Web server, for which a high level of security is
not required. In that case, the router can be configured to allow
direct traffic between the information server and the Internet.
security policy.
3. The screened subnet firewall configuration of Figure
used, one between the bastion host and the Internet and