Application gateways / firewall-information security, Computer Network Security

Application Gateways / firewall

The application level firewall is installed on a dedicated computer; also called as a proxy server. These servers can store the recently accessed pages in their cache and called as cache servers. As proxy server is placed in unsecured area of the network (for example DMZ), it is exposed to higher levels of risk from unreliable networks. Additional filtering routers can be implemented behind proxy server, further protecting internal systems. The disadvantage is they are characteristically restricted to a single application, as they work at application layer. Figure given below illustrates the different types of Firewalls which is compared to OSI model



255_Application Gateways -firewall.png



 Circuit Gateways

The circuit gateway firewall operates at transport layer. Filtering firewalls, do not normally look at data traffic flowing between two networks, but it prevent direct connections between one network and the other. This is can be accomplished by creating tunnels connecting specific processes or systems on each side of firewall, and allows authorized traffic in the tunnels.

 MAC Layer Firewalls

MAC layer firewalls which is designed to operate at media access control layer of OSI network model. This gives the ability to consider specific host computer’s identity in the filtering decisions of it. The MAC addresses of specific host computers are linked to access control list (ACL) entries that identify specific types of packets which can be sent to each host; all other traffic is blocked.

 Hybrid Firewalls

Hybrid Firewalls combine elements of other types of firewalls; that is, elements of packet filtering and proxy services, or of packet filtering and circuit gateways. On the other hand, it may consist of 2 separate firewall devices; each is a separate firewall system, but is connected to work in tandem. Without replacing the existing firewalls completely, an organization can make a security improvement, from this approach.

Posted Date: 10/9/2012 3:36:25 AM | Location : United States

Related Discussions:- Application gateways / firewall-information security, Assignment Help, Ask Question on Application gateways / firewall-information security, Get Answer, Expert's Help, Application gateways / firewall-information security Discussions

Write discussion on Application gateways / firewall-information security
Your posts are moderated
Related Questions
(a) Briefly explain the following security goals provided by cryptography: confidentiality, authentication, integrity and non-repudiation. (b) State Kerckhoff's Princip

FRAME FORMAT AND ERROR DETECTION The changed frame format also adds CRC. If there is an error happened in frame, then it typically causes receiver to removed frame. The frame

Risk Control Strategies Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk: •    Apply safeguards wh

Wireless Networks The origin of wireless networks and their ubiquity in the technological environment poses a new type of exposure and vulnerability for network security. Cont

What do you understand by cryptanalysis? Discuss about the transposition ciphers substitution cipher, and onetime pads. The messages which are intended to transmit secretly and

Question 1: (a) With the help of a diagram show the basic structure of a computer system. (b) Explain as fully as you can each of the parts mentioned above. (c) What are

QUESTION (a) Mention two attitudes of a carer towards an inspector that could lead to negative outcomes (b) Give two performance indicators of Early Childhood Education that

LOCAL TALK Apple discovered the LAN technology that uses bus topology. Its interface is added with all Macintosh computers. It has very low speed i.e. 230.4Kbps. Also it is ch

Divide the user data into 6 equal sets. Use the first set for the enrollment phase of your system, and the rest for the verification phase. Use the following formula to calculate t

Question: (a) Explain how the Diffie-Hellman key establishment protocol works. (b) Prove that the Diffie-Hellman key establishment protocol is vulnerable to a `man in the mi