A firewall is a device or software running on a device that inspects network traffic and allows or blocks traffic based on a set of rules.

* A network-based firewall inspects traffic as it flows between networks. For example, you can install a network-based firewall on the edge of your private network that connects to the Internet to protect against attacks from Internet hosts.
* A host-based firewall inspects traffic received by a host. Use a host-based firewall to protect against attacks when there is no network-based firewall, such as when you connect to the Internet from a public location.
* Firewalls use filtering rules, sometimes called access control lists (ACLs), to identify allowed and blocked traffic. A rule identifies characteristics of the traffic, such as:
  * The interface the rule applies to
  * The direction of traffic (inbound or outbound)
  * Packet information such as the source or destination IP address or port number
  * The action to take when the traffic matches the filter criteria
* Firewalls do not offer protection against all attacks (such as spoofed e-mail messages).

The following table explains different firewall types.
Packet filtering firewall

A packet filtering firewall makes decisions about which network traffic to allow by examining information in the IP packet header such as source and destination addresses, ports, and service protocols. A packet filtering firewall:

* Uses access control lists (ACLs) or filter rules to control traffic.
* Operates at OSI layer 3 (Network layer).
* Offers high performance because it only examines addressing information in the packet header.
* Can be implemented using features that are included in most routers.
* Is a popular solution because it is easy to implement and maintain, has a minimal impact on system performance, and is fairly inexpensive.

A packet filtering firewall is considered a stateless...
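As an added example (not part of the original notes), this Python sketch evaluates a packet against an ACL using the rule characteristics listed above: interface, direction, header fields, and action. The first-match ordering, the default of blocking unmatched traffic, the interface name `wan0`, and all addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    iface: str       # interface the packet was seen on
    direction: str   # "in" or "out"
    proto: str       # "tcp", "udp", ...
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "block"
    iface: str
    direction: str
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        # Only header fields are compared; no connection history is consulted.
        return (self.iface == p.iface and self.direction == p.direction
                and self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, p.dport))

def evaluate(acl, packet, default="block"):
    """Return the action of the first matching rule (assumed first-match policy)."""
    for rule in acl:
        if rule.matches(packet):
            return rule.action
    return default  # assumed default: block anything no rule allows

# Constructed ACL for a hypothetical edge interface, using documentation ranges.
ACL = [
    Rule("block", "wan0", "in", src="203.0.113.0/24"),
    Rule("allow", "wan0", "in", proto="tcp", dst="192.0.2.10/32", dport=443),
    Rule("allow", "wan0", "out", proto="tcp", src="192.0.2.0/24", dport=443),
]

if __name__ == "__main__":
    request = Packet("wan0", "out", "tcp", "192.0.2.20", "198.51.100.7", 443)
    reply = Packet("wan0", "in", "tcp", "198.51.100.7", "192.0.2.20", 51000)
    print("outbound request:", evaluate(ACL, request))
    print("inbound reply:   ", evaluate(ACL, reply))
```

The reply to the allowed outbound request is blocked because each packet is judged on its own header with no memory of the earlier request, so return traffic needs its own explicit rule.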