Filter
Top Products
146 Chapter 10 Firewalls
N0115790
Packet filtering firewalls
Packet filtering firewalls restrict access based on the source or destination
computer network address of a packet and the type of application.
Application level firewalls
Application level firewalls restrict access by serving as proxies for external
servers. Because they use programs written for specific Internet services, such as
HTTP, FTP and Telnet, they can evaluate network packets for valid application
specific data. Application level firewalls have a number of general advantages
over the default mode of permitting application traffic directly to internal hosts:
1 Information hiding prevents the names of internal systems from being made
known through DNS to outside systems, because the application gateway is
the only host whose name must be made known to outside systems.
2 Robust authentication and logging preauthenticates application traffic before
it reaches internal hosts and causes it to be logged more effectively than if it
were logged with standard host logging. Filtering rules at the packet filtering
router can be less complex than if the router needed to filter application traffic
and direct it to a number of specific systems. The router need only allow
application traffic destined for the application gateway and reject the rest.
Stateful Inspection firewalls
Stateful inspection firewalls restrict access by screening data packets against
defined access rules. They make access control decisions based on IP address and
protocol. They also inspect the session data to assure the integrity of the
connection and to adapt to dynamic protocols. These firewalls generally provide
the best speed and transparency; however, they often lack the granular application
level access control or caching that some proxies support. For more information,
see “Stateful inspection” on page 153.
Firewalls, of one type or another, have become an integral part of standard
security solutions for enterprises.