Advantages and disadvantage of packet filtering firewall, Computer Network Security

Advantages and Disadvantage of Packet Filtering firewall

 

Advantages

  • One screening router can help protect entire network

One key advantage of packet filtering is that a single, strategically placed filter can help protect an entire network. If there is only one router that  connects organization site to the Internet, then it provides great advantage on network security, regardless of the size of the site by doing packet filtering on that router.

 

  •  Packet filtering doesn’t require user knowledge or cooperation

Packet filtering does not require any custom software or configuration of client machines. When a packet filtering router let a packet through, the router is indistinguishable from a normal router. This transparency means that the packet filtering can be done without the cooperation and often without the knowledge of users.


 Disadvantages

  •  Current filtering tools are not perfect

 The rules of packet filtering are hard to configure and once configured, they seem hard to test. The packet filtering capabilities of many products are incomplete and the implementation of certain types of filters is almost impossible. Packet filtering packages may have bugs in them that might fail packet filtering implementation. This may allow few packets to pass into private network without proper checking.

 

  •  Some rules can’t readily be enforced by normal packet filtering routers

The information available to packet filtering router is limited. Packets have information about their host but they cannot tell about the user. So, generally no restrictions can be enforced on particular users. Restriction can be enforced on the users who could access the ports through high level protocols. These protocols ensure that no other user is accessing that port. But that kind of control can easily be subverted.

Posted Date: 9/13/2012 5:58:35 AM | Location : United States






Your posts are moderated
Related Questions
Encryption Key Size When using ciphers, the size of crypto variable or key is quite important as the strength of many encryption applications and cryptosystems were measured by

WHY USE AN IDS? IDS prevent from problem behaviors by increasing the perceived risk of discovery and punishment. Detect the attacks and other security violations. Detect and at

Cost Benefit Analysis (CBA) The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which

Problem 1: What is the function of AUC in the GSM architecture? Explanation of HLR(AUC) Architecture of GSM Problem 2: Show the layered architecture of t

For this assessment, students must research and analyse two different scenarios. The two scenarios must be chosen from those described below and submitted as one Microsoft PowerPoi

(a) Define what you understand by the following terms in Network Flows: i) UnDirected Path ii) Directed Path iii) Directed Cycle. iv) Tree In each of the above, expla

QUESTION: a) Explain four issues that are generally addressed in the Needs Analysis phase in the building-block approach to network design. b) Sketch a typical hybrid star-b

Q. Explain about Security aware protocols? The security-Aware ad hoc Routing (SAR) protocol based on the security attributes integrated into the ad hoc route discovery provides

Question : (a) "Pulse Code Modulation (PCM), as used in telephony, samples a signal at 8 kHz using 256 quantization levels". Outline how this scheme works with the help of ske

This assignment aims to enhance students' understanding of the network protocol hierarchy and flow control and error control techniques by implementing a sliding window protocol in