Chapter 8: Firewall LANCOM Reference Manual LCOS 3.50
that a defenceless workstation installed in the Internet will - perhaps even
accidentally - become the victim of attacks.
8.2 What is a Firewall?
The term “Firewall” is interpreted in very different ways. At this point we want to define the meaning of “Firewall” within the boundaries of this reference manual:

A Firewall is a collection of components that monitors, at a central place, the data exchange between two networks. In most cases the Firewall monitors the data exchange between an internal, local network (LAN) and an external network such as the Internet.

The Firewall can consist of hardware and/or software components:
• In pure hardware systems the Firewall software often runs on a proprietary operating system.
• The Firewall software can also run on a conventional workstation under Linux, Unix or Windows that is dedicated to this task.
• As a third and frequently used alternative, the Firewall software runs directly within the router that connects the LAN to the Internet.

In the following sections we only look at the Firewall in a router.

The functions “Intrusion Detection” and “DoS protection” are considered part of a Firewall in some applications. The LANCOM also contains these functions, but they are implemented as separate modules alongside the Firewall.
Further information can be found in the sections ’Protection against break-in attempts: Intrusion Detection’ →page 160 and ’Protection against “Denial of Service” attacks’ →page 162.

8.2.1 Tasks of a Firewall
Checking data packets
How does the Firewall supervise the data traffic? In principle, the Firewall works like a doorkeeper for data packets: each packet is checked to determine whether or not it may pass the door of the network (Firewall) in the desired direction. This check uses different criteria, which in Firewall terminology are called “rules” or “guidelines”. Depending on the kind of information,