Comparison Between Different Firewall and Their Abilities.

Packet filtering is the earliest technology developed to protect the network from dangers in the Internet. It works at network transport layer. A data is split in to several packets and then reassembled back once it has reached its destination. Administrators creates a set of rules which will then be configured to the router, router will then act as a security guard, will either deny or allow packets from passing through. However packet filtering has only limited function, it can only analyze header information in IP packets. For an instance it can all allow or deny specific functions of FTP such as the use of “GET” and “PUT” command (Ogletree, 2000). Packet filtering susceptible to IP Spoofing (Webopedia, 2011). IP Spoofing is used by unauthorized people to gain access to a network, it is a technique done by using the IP address of an authorized or trusted host to enter the network. Advantages of packet filtering Mainly increases the efficiency level by eliminating the processing of overhead by higher level firewall such as proxies. It helps implement choke point as a security strategy because packet filter is installed and monitored in a single location. It also protects network against network sweeping threats and also resolver certain spoofing attacks (Preetham, 20002). Disadvantages of packet filtering Packet filter only checks what protocol, source and destination is used but won’t check on who is trying to access the network. Besides that Trojan horses or viruses can enter into the network using HTTP tunneling (Preetham, 2002).

Proxy servers acts as middle men that connects and communicate client and server. Thus no actual IP packets go through client and server, because it separates the outside network from private network. Application level is the stage where proxy server works thus according to Ogletree (2000), proxy server is application specific and can be programmed to allow or deny access to a service based on user’s preferred function. A proxy