Advantages and Disadvantage of Packet Filtering firewall

 

Advantages

• One screening router can help protect entire network

One key advantage of packet filtering is that a single, strategically placed filter can help protect an entire network. If there is only one router that  connects organization site to the Internet, then it provides great advantage on network security, regardless of the size of the site by doing packet filtering on that router.

 

•  Packet filtering doesn’t require user knowledge or cooperation

Packet filtering does not require any custom software or configuration of client machines. When a packet filtering router let a packet through, the router is indistinguishable from a normal router. This transparency means that the packet filtering can be done without the cooperation and often without the knowledge of users.

 Disadvantages

•  Current filtering tools are not perfect

 The rules of packet filtering are hard to configure and once configured, they seem hard to test. The packet filtering capabilities of many products are incomplete and the implementation of certain types of filters is almost impossible. Packet filtering packages may have bugs in them that might fail packet filtering implementation. This may allow few packets to pass into private network without proper checking.

 

•  Some rules can’t readily be enforced by normal packet filtering routers

The information available to packet filtering router is limited. Packets have information about their host but they cannot tell about the user. So, generally no restrictions can be enforced on particular users. Restriction can be enforced on the users who could access the ports through high level protocols. These protocols ensure that no other user is accessing that port. But that kind of control can easily be subverted.

Posted Date: 9/13/2012 5:58:35 AM | Location : United States

Ask an Expert

Related Discussions:- Advantages and disadvantage of packet filtering firewall, Assignment Help, Ask Question on Advantages and disadvantage of packet filtering firewall, Get Answer, Expert's Help, Advantages and disadvantage of packet filtering firewall Discussions

Write discussion on Advantages and disadvantage of packet filtering firewall
Your posts are moderated

Write your message here..

Related Questions

Tcp and udp, TCP and UDP End-to-end delivery application is connection... TCP and UDP End-to-end delivery application is connection less. The basic function of connectionless service are as given: It adds extension of LAN abstraction. It has simp

Define checksum, The method used to check errors is checksum . In this m... The method used to check errors is checksum . In this method data is treated as a sequence of integers and their arithmetic sum is calculated and the carry bits are added to the

#title.TIPS., 1. For this project, assume that an organization has five ser... 1. For this project, assume that an organization has five servers. Server 1 has a TCO of $25,000, Servers 2 and 3 have a TCO of $37,000 each, and the remaining two servers— Servers

Security and basics steps in writing thesis, how can i start thesis? Please... how can i start thesis? Please mention so of examples?

Ethernet network, QUESTION : a) A datagram of 3000 bytes has to travel... QUESTION : a) A datagram of 3000 bytes has to travel over a network with a MTU size of 1000 bytes. Describe how fragmentation can be used to solve this problem. You should pr

Distinguish between passive and active attacks, Problem (a) Distinguis... Problem (a) Distinguish between passive and active attacks. (b) Give two reasons why it is important to organise security awareness programs for users. (c) Describe how

Describe header fields present in a udp segment, Question (a) In relati... Question (a) In relation to a TCP segment structure, provide the fields responsible for: i. Connection Management ii. Flow Control iii. Error Control iv. Reliable, in-order

Define full-duplex., A  full-duplex (FDX) , accepts communication in both... A  full-duplex (FDX) , accepts communication in both ways, and, unlike half-duplex, accept this to occur simultaneously. Land-line telephone networks are full-duplex, since they

Fragmentation and path mtu, FRAGMENTATION AND PATH MTU IPv6 source is ... FRAGMENTATION AND PATH MTU IPv6 source is responsible for fragmentation. Routers simply drop datagrams bigger than network MTU. So source have to fragment datagram to arrive d

Unguided media, Unguided Media This is the wireless media that transfe... Unguided Media This is the wireless media that transfer electromagnetic waves without using a physical media. Waves are broadcast through the air. This is performing through r