Firewalls-information security, Computer Network Security

Firewalls

A firewall in an information security program that prevents specific types of information from moving between the outside world and the inside world. The firewall may be a separate computer system; a software service running on existing router or server; or a separate network having supporting devices

Firewall Categorization Methods

Firewalls are categorized by processing mode, development era, or intended structure. The 5 processing modes in which firewalls can be categorized by are:

-Packet filtering
-Application gateways
-Circuit gateways
-MAC layer firewalls
-Hybrids

Firewalls which are categorized by intended structure are residential or commercial grade, hardware based, software based, or appliance based devices.

Packet Filtering

A Packet filtering firewalls examine header information of data packets which come into a network for compliance with or violation of rules of the firewall’s database.

A packet filtering firewall installed on TCP/IP determines whether to deny or forward to next network connection. If a device finds a packet which matches a restriction, it stops the packet from traveling .The restrictions implemented are often based on combination of

-Internet Protocol (IP) source and destination address
-Direction (inbound/outbound)
-Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) source and destination port requests


Simple firewall models enforce rules designed to forbid packets with certain addresses or partial addresses. The 3 subsets of packet filtering firewalls are:-


-Static filtering requires that filtering rules governing how the firewall decides which packets are allowed and which are denied are developed and installed
-Dynamic filtering permits firewall to react to emergent event and update or create rules to deal with event. It only permits a particular packet with a source, destination and port address to enter through firewall.
-Stateful inspection called as stateful firewalls which keep track of each network connection between internal and external systems by using a state table. A state table tracks the state and context of each pocket. Stateful firewalls block incoming packets which are not responses to internal requests. Dynamic stateful filtering firewalls keep dynamic state table to make changes to the filtering rules. Figure given below shows how packets are filtered by using the Packet Filtering Router and Table given below shows an example of Firewall rules and formats.

 

    528_Firewalls-information security.png

 

 

       2472_Firewalls-information security 1.png

Posted Date: 10/9/2012 3:16:01 AM | Location : United States







Related Discussions:- Firewalls-information security, Assignment Help, Ask Question on Firewalls-information security, Get Answer, Expert's Help, Firewalls-information security Discussions

Write discussion on Firewalls-information security
Your posts are moderated
Related Questions

QUESTION (a) What do you understand by a VLAN? Provide one advantage of using a VLAN. (b) What is a trunk port in a VLAN? (c) A VLAN will be created using one or more

QUESTION (a) Describe the difference between static routing and dynamic routing algorithms. (b) List four functions that are performed by the Cisco IOS software during b

Question: (a) Besides privacy, what other security functions does Pretty Good Privacy (PGP) provides? (b) What is the Post Office Protocol (POP) used for? Why is it impo

Question: (a) Explain briefly the PCI Control Objectives which enterprises must meet to be compliant with the Payment Card Industry Data Security Standard (PCI DSS). Specify a

Bridges perform both in the data link layers and physical of LANs of same kind. They split a bigger network in to smaller segments. They have logic that accept them to store the

IPV6 BASE HEADER FORMAT: It has less information than IPV4 message header. Next header shows to first extension message header. Flow label is partitioned into a TRAFFIC CLASS

Problem (a) As a forensic investigator, you are needed to trace the source of an email. It is suspected that the email header has been forged. Show how you would proceed to

(a) (i) Bob has public RSA key (n = 77, e = 7). Show that Bob's private key is (d = 43). (ii) Alice wants to send the message m = 13 to Bob. She encrypts the message usi

Base lining •    Organizations do not have any contact to each other •    No two organizations are identical to each other •    The best practices are a moving target •    K