Understanding the Different Classes of Firewalls
By George Cherere
For the enforcement and tight control of security and of the flow of traffic within
a given network or between networks, the firewall is one very important piece of software
and also hardware that is entrusted with these functions. Understanding how the firewall
achieves these functions means understanding the capabilities a firewall is able to provide. These
are the capabilities which determine the type of firewall to be sourced to meet a
specific set of security needs.
Most firewalls work through the packet filtering method, which is one of the
most effective methods of implementing security for the network through validation of data
packets. The validation of the data packets is usually based on a number of factors: the
destination and the source Internet Protocol (IP) addresses, the protocol, the type of service,
the source and destination port numbers, the differentiated services code point,
the time range and a host of other parameters associated with the IP header.
These criteria are tested and matched for every individual packet in order to permit
or deny it.
Packet filtering is implemented through the use of access control
lists (ACLs), which are found on switches and routers. The ACL has the advantage of being very
fast when coupled with an application-specific integrated circuit (ASIC). Given these features,
the most obvious strong point of the packet filtering firewall is that
it is the most common type and can be found in about every component of the network.
Besides the switches and routers mentioned earlier, wireless
access points and virtual private network aggregators are other devices on the network which
use this type of firewall. The downside of the packet filtering firewall is that it is static,
and it has been exploited by hackers who channel suspicious traffic through TCP port 80, where
it passes unobstructed.
Proxy firewalls, also called application firewalls, work on a more complex model
which can be explained by the Open Systems Interconnection (OSI) model. This model seeks to explain
the transmission of information from one computer to an application on a second computer.
The information is passed through layers to make sure security is not compromised.
According to the OSI model, the information is passed through seven different layers, starting
with the application layer (7th layer), which is usually the interface in the form of programs used
on the computer. The next layer is the presentation layer, which is the translator between
systems and converts the application layer information to a format acceptable to different
systems. Encryption is done in this layer.
The session layer is the fifth and manages service requests between computers. The transport
layer provides reliable ordering and communication of data by preparing the data for delivery
to the network using the Transmission Control Protocol (TCP). The third layer is the network layer, at which
data is referred to as a packet, and this layer is responsible for routing and IP addressing.
The data link layer handles the reliability of data, which at this point is referred to as a frame.
Finally, the first layer is the physical layer, which is composed of the devices
which we can see as well as their electrical characteristics. The application firewalls work
at layer seven, which is the application layer just as the name suggests, and they give a buffer,
often acting on behalf of a client. They are also easily patched in case vulnerabilities are identified.
The only disadvantage is that they are slow in the manner that they handle data and traffic.
The next type of firewall is the reverse proxy firewall, which works in a similar
manner to the application firewall. The difference is that reverse proxy firewalls
are deployed for the servers and not for clients as in the case of application firewalls. The effectiveness
of this firewall lies in the reverse proxy understanding how the application behaves and having the
intelligence to do away with problems like the buffer overflow.
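An added example, not part of the original article, of the kind of layer-seven check a reverse proxy can apply before forwarding a request to the server: it parses the HTTP request head and enforces method and size limits, so oversized or malformed input never reaches the application. The limits, the function name inspect_request and the sample requests are assumptions chosen for illustration.

```python
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
MAX_URI = 2048            # assumed limits for this example
MAX_HEADER_BYTES = 8192
MAX_BODY = 1_000_000

def inspect_request(raw: bytes):
    """Return (forward, reason) for the head of a raw HTTP/1.x request."""
    head, sep, _ = raw.partition(b"\r\n\r\n")
    if not sep:
        return False, "incomplete header block"
    if len(head) > MAX_HEADER_BYTES:
        return False, "header block too large"
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or parts[2] not in (b"HTTP/1.0", b"HTTP/1.1"):
        return False, "malformed request line"
    method, uri = parts[0].decode("ascii", "replace"), parts[1]
    if method not in ALLOWED_METHODS:
        return False, "method not allowed"
    if len(uri) > MAX_URI:
        return False, "URI too long"
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not name.strip():
            return False, "malformed header"
        if name.strip().lower() == b"content-length":
            length = value.strip()
            # Reject non-numeric or oversized bodies before the server sees them.
            if not length.isdigit() or int(length) > MAX_BODY:
                return False, "bad Content-Length"
    return True, "ok"

# Constructed requests; the second is the non-HTTP payload a port-80 ACL would pass.
SAMPLES = [
    b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    b"\x00\x01not-http-at-all",
    b"GET /" + b"A" * 5000 + b" HTTP/1.1\r\nHost: example.test\r\n\r\n",
    b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
    b"Content-Length: 99999999999\r\n\r\n",
    b"TRACE / HTTP/1.1\r\nHost: example.test\r\n\r\n",
]

def verdicts():
    return [inspect_request(r) for r in SAMPLES]
```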
A last form of firewall is the packet inspection firewall, which takes care of session
information and is even able to perform deep packet inspection to enforce compliance and scan
for viruses, all the while making sure that operation speed is superb.
These are the basic types of firewalls. They are chosen depending on security needs,
and different security vendors have added many features to them to make them better
adapted for use.
There are companies which are committed to preventing the spread of computer viruses
and threats, like Astarowall (astarowall.com), a division of Guardian Network Solutions.
Pay us a visit on the provided link for reviews and for useful tips for your firewall needs
and solutions.