Firewalls are devices or programs that control the flow of network traffic between networks or hosts that employ differing security postures. While firewalls are often discussed in the context of Internet connectivity, they may also have applicability in other network environments. For example, many enterprise networks employ firewalls to restrict connectivity to and from the internal networks used to service more sensitive functions, such as accounting or personnel. By employing firewalls to control connectivity to these areas, an organization can prevent unauthorized access to its systems and resources. Inclusion of a proper firewall provides an additional layer of security (Broida, 2011). This research paper will give a background on firewalls. The background will cover an overview of firewall technologies, the specific technologies in use, the common requirements of firewalls, and firewall policies. This paper will also give an analysis of firewalls, consisting of what I have learned in doing this research and my opinion on it.

Overview of Firewall Technologies
Several types of firewall technologies are available. One way of comparing their capabilities is to look at the Transmission Control Protocol/Internet Protocol [TCP/IP] layers that each is able to examine. TCP/IP communications are composed of four layers that work together to transfer data between hosts. When a user wants to transfer data across networks, the data is passed from the highest layer through intermediate layers to the lowest layer, with each layer adding more information. The lowest layer sends the accumulated data through the physical network, and at the receiving host the data is then passed upwards through the layers to its destination. Simply put, the data produced by a layer is encapsulated in a larger container by the layer below it. The four TCP/IP layers, from highest to lowest, are the application layer, the transport layer, the IP layer, also known as the network layer, and the hardware layer, also known as the data link layer. The application layer sends and receives data for particular applications, such as Domain Name System [DNS], Hypertext Transfer Protocol [HTTP], and Simple Mail Transfer Protocol [SMTP]. The application layer itself has layers of protocols within it. The transport layer provides connection-oriented or connectionless services for transporting application layer data between networks, and can optionally ensure communications reliability. Transmission Control Protocol [TCP] and User Datagram Protocol [UDP] are commonly used transport layer protocols. The IP layer routes packets across networks. Internet Protocol version 4 [IPv4] is the fundamental network layer protocol for TCP/IP. Other commonly used protocols at the network layer are Internet Protocol version 6 [IPv6], Internet Control Message Protocol [ICMP], and Internet Group Management Protocol [IGMP]. The hardware layer handles communications on the physical network components. The best known data link layer protocol is Ethernet (Sourour, Adel, & Tarek, 2009).
Addresses at the data link layer, which are assigned to network interfaces, are referred to as media access control [MAC] addresses. An example of this is an Ethernet address that belongs to an Ethernet card. Firewall policies rarely concern themselves with the data link layer. Addresses at the network layer are referred to as IP addresses. The transport layer identifies specific network applications and communication sessions as opposed to network addresses; a host may have any number of transport layer sessions with other hosts on the same network. The transport layer may also include the notion of ports. A destination port number generally identifies a service listening on the destination host, and a source port usually identifies the port number on the source host that the destination host should reply to. Transport protocols such as TCP and UDP have ports, while other transport protocols do not. The combination of source IP address...
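As an added example (not part of this paper or of the sources it cites), the following Python script shows the layer-by-layer decoding the two paragraphs above describe and the match a packet-filtering firewall then performs on the fields it recovers. It peels a constructed Ethernet/IPv4 frame, takes the source and destination IP addresses from the network layer and, for TCP and UDP only, the ports from the transport layer, and checks that tuple against a hypothetical first-match, default-deny rule list. The MAC addresses, IP addresses, rules and frames are all made up for the example; nothing here is captured traffic or a real firewall's rule syntax.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

ETHERTYPE_IPV4 = 0x0800
PROTO_ICMP, PROTO_TCP, PROTO_UDP = 1, 6, 17

@dataclass(frozen=True)
class FlowTuple:
    """What a packet filter matches on; ports are None for port-less transports."""
    src_ip: str
    dst_ip: str
    proto: int
    src_port: Optional[int]
    dst_port: Optional[int]

def decode_frame(frame: bytes) -> FlowTuple:
    """Peel the data-link, network and transport headers of one Ethernet frame."""
    # Data-link layer: dst MAC (6), src MAC (6), EtherType (2). A packet
    # filter ignores the MACs; the EtherType says what the payload is.
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("only IPv4 frames are handled here")
    packet = frame[14:]
    # Network layer: IPv4 header. IHL (in 32-bit words) locates the payload
    # correctly even when IP options are present.
    if len(packet) < 20:
        raise ValueError("packet too short for an IPv4 header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl or len(packet) < total_len:
        raise ValueError("malformed IPv4 header")
    segment = packet[ihl:total_len]
    src_ip, dst_ip = str(ipaddress.IPv4Address(src)), str(ipaddress.IPv4Address(dst))
    # Transport layer: TCP and UDP both start with 16-bit src/dst ports;
    # ICMP has no ports, so the tuple carries None for both.
    if proto in (PROTO_TCP, PROTO_UDP):
        if len(segment) < 4:
            raise ValueError("segment too short for port fields")
        sport, dport = struct.unpack("!HH", segment[:4])
        return FlowTuple(src_ip, dst_ip, proto, sport, dport)
    return FlowTuple(src_ip, dst_ip, proto, None, None)

@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    src_net: str             # CIDR, e.g. "10.0.0.0/8"
    dst_net: str
    proto: Optional[int]     # None = any protocol
    dst_port: Optional[int]  # None = any port; must be None for ICMP rules

def rule_matches(rule: Rule, flow: FlowTuple) -> bool:
    if ipaddress.ip_address(flow.src_ip) not in ipaddress.ip_network(rule.src_net):
        return False
    if ipaddress.ip_address(flow.dst_ip) not in ipaddress.ip_network(rule.dst_net):
        return False
    if rule.proto is not None and flow.proto != rule.proto:
        return False
    # A port-specific rule can never match a flow that has no ports.
    return rule.dst_port is None or flow.dst_port == rule.dst_port

def evaluate(policy: list, flow: FlowTuple) -> str:
    """First matching rule wins; unmatched traffic is denied by default."""
    for rule in policy:
        if rule_matches(rule, flow):
            return rule.action
    return "deny"

def build_frame(src_ip: str, dst_ip: str, proto: int, transport: bytes) -> bytes:
    """Constructed frame: made-up MACs, IP checksum left 0 (decode_frame does not verify it)."""
    eth = bytes.fromhex("001122334455 66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(transport), 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src_ip).packed, ipaddress.IPv4Address(dst_ip).packed)
    return eth + ip + transport

# Hypothetical policy: internal 10.0.0.0/8 hosts may reach the web server on
# TCP/80 and the resolver on UDP/53, and may ping the 192.0.2.0/24 server subnet.
POLICY = [
    Rule("allow", "10.0.0.0/8", "192.0.2.10/32", PROTO_TCP, 80),
    Rule("allow", "10.0.0.0/8", "192.0.2.53/32", PROTO_UDP, 53),
    Rule("allow", "10.0.0.0/8", "192.0.2.0/24", PROTO_ICMP, None),
]

TCP_HDR_TAIL = b"\x00" * 16  # remainder of a minimal 20-byte TCP header
SAMPLE_FRAMES = {  # constructed for this example, not captured traffic
    "web": build_frame("10.1.2.3", "192.0.2.10", PROTO_TCP, struct.pack("!HH", 40000, 80) + TCP_HDR_TAIL),
    "dns": build_frame("10.1.2.3", "192.0.2.53", PROTO_UDP, struct.pack("!HHHH", 40001, 53, 8, 0)),
    "ping": build_frame("10.1.2.3", "192.0.2.10", PROTO_ICMP, b"\x08\x00\x00\x00\x00\x01\x00\x01"),
    "ssh": build_frame("10.1.2.3", "192.0.2.10", PROTO_TCP, struct.pack("!HH", 40002, 22) + TCP_HDR_TAIL),
    "outsider": build_frame("198.51.100.7", "192.0.2.10", PROTO_TCP, struct.pack("!HH", 40003, 80) + TCP_HDR_TAIL),
}

def decisions() -> dict:
    return {name: evaluate(POLICY, decode_frame(frame)) for name, frame in SAMPLE_FRAMES.items()}

if __name__ == "__main__":
    for name, verdict in decisions().items():
        print(f"{name:>8}: {decode_frame(SAMPLE_FRAMES[name])} -> {verdict}")
```

Two points the script makes concrete: the MAC addresses are skipped entirely, which is why firewall policies rarely concern themselves with the data link layer, and the ICMP frame produces a tuple with no ports, so a port-based rule can never match it and ICMP must be permitted or denied by protocol alone.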