







Firewall
A firewall is a 'watchdog' that protects local networks from being accessed from the Internet by hackers and other ill-intended visitors. Whether the firewall is a piece of software or a combination of software and hardware, it is usually placed as a gateway between two networks, often a company LAN and the Internet. When placed as a gateway, the firewall works as a 'check point' at which the data traffic to and from a network is monitored and regulated.
There are four general firewall techniques: packet filtering, application-level gateways, circuit-level gateways, and stateful inspection. These techniques differ primarily in which aspect of the data traffic they analyse.
A packet-filtering firewall can regulate data traffic according to parameters such as source and destination address, port number, and protocol, and can hide the structure of a LAN by mapping IP addresses using, for example, NAT (Network Address Translation).
A circuit-level gateway hides the internal network by working as a proxy server, and determines whether a requested session is legitimate by monitoring TCP handshaking between packets.
An application-level gateway has similar proxy abilities, but it is application-specific and thus filters data traffic according to protocol, such as HTTP, FTP or SMTP.
Last, but not least, a stateful inspection firewall uses a system of comparing new data packets with packets that are already trusted. It remembers parameters about original requests and determines whether responses are legitimate. Additionally, it provides some filtering based on data packet contents, but this type of firewall completely lacks the ability to hide internal networks.
As the different techniques offer security against different risks, they are often combined in firewall devices.
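The difference between packet filtering and stateful inspection described above can be shown in a short sketch. This is an added example, not code from the original page: the Packet class, the 10.0.0.x LAN range, the allowed ports and the sample addresses are all constructed, and the state table is simplified to an exact match on addresses, ports and protocol.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

LAN_PREFIX = "10.0.0."  # constructed internal address range (assumption)

def is_internal(addr):
    return addr.startswith(LAN_PREFIX)

def packet_filter(pkt):
    """Stateless rules: decide from address, port and protocol only."""
    if is_internal(pkt.src):
        return pkt.proto == "tcp" and pkt.dport in (80, 443)  # outbound web
    # Inbound: a static rule has to admit anything that looks like a web reply.
    return pkt.proto == "tcp" and pkt.sport in (80, 443) and pkt.dport >= 1024

class StatefulFirewall:
    """Remembers outbound requests and admits only matching responses."""
    def __init__(self):
        self.sessions = set()

    def check(self, pkt):
        if is_internal(pkt.src):
            if not packet_filter(pkt):
                return False
            # Record the parameters of the original request.
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
            return True
        # Inbound packet: legitimate only if it mirrors a remembered request.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.sessions

def demo():
    fw = StatefulFirewall()
    request = Packet("10.0.0.5", 40000, "203.0.113.10", 443)
    reply = Packet("203.0.113.10", 443, "10.0.0.5", 40000)
    unsolicited = Packet("198.51.100.7", 443, "10.0.0.9", 40001)
    return {
        "request": fw.check(request),
        "reply": fw.check(reply),
        "unsolicited_stateful": fw.check(unsolicited),
        "unsolicited_stateless": packet_filter(unsolicited),
    }

if __name__ == "__main__":
    print(demo())
```

The unsolicited inbound packet passes the stateless rule because it merely looks like a web reply, while the stateful check drops it because no matching request was recorded.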
Related terms:
Internet, LAN, NAT, Network