44 Explain common features of a firewall

Firewalls are very important equipment for providing network security. The main function of a firewall is to permit or deny traffic based on rules defined in the firewall. Firewalls check incoming and outgoing traffic against these rules; however, the methods that different firewalls apply can vary.

There are three types of firewall technologies.

  • Packet filtering
  • Proxy
  • Stateful inspection

Stateless filtering: if the firewall is configured to permit or deny web traffic based on IP packets, it checks each packet for a particular IP address. If the IP address matches, the firewall permits or denies the traffic according to how it is configured. This is called stateless filtering. This kind of filtering works at the network layer (layer 3) of the OSI model. It is a very cost-effective solution.

Stateful filtering: it is more secure than stateless filtering because it is a combination of packet filtering and proxy services. Packets are not only filtered based on ACLs but are also logged into a state table. After the connection has been established, all session data is compared to the state table. If the session data does not match the state table data, the connection is dropped. Stateful filtering is used by the Cisco PIX firewall.
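The difference between the two approaches can be seen in a small simulation. This is an added example, not part of the original page and not how any particular firewall product is implemented. The addresses, the ACL and the names `Packet`, `stateless_filter` and `StatefulFilter` are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

# Constructed sample policy using documentation address ranges (assumption).
INSIDE = ip_network("192.0.2.0/24")
ACL = [
    ("permit", INSIDE),                          # inside hosts
    ("permit", ip_network("198.51.100.10/32")),  # one outside web server
]

def acl_action(addr):
    """Stateless check: first ACL entry matching the source address wins."""
    for action, net in ACL:
        if ip_address(addr) in net:
            return action
    return "deny"  # nothing matched

def stateless_filter(pkt):
    """Decide on the source IP address alone; no memory of earlier packets."""
    return acl_action(pkt.src)

class StatefulFilter:
    def __init__(self):
        self.state_table = set()  # sessions opened from the inside

    def check(self, pkt):
        if acl_action(pkt.src) != "permit":
            return "deny"
        if ip_address(pkt.src) in INSIDE:
            # Outbound packet: log the session in the state table.
            self.state_table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "permit"
        # Inbound packet: permit only if it is the reverse of a logged session.
        expected = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "permit" if expected in self.state_table else "deny"

if __name__ == "__main__":
    fw = StatefulFilter()
    out = Packet("192.0.2.5", 40000, "198.51.100.10", 80)
    reply = Packet("198.51.100.10", 80, "192.0.2.5", 40000)
    stray = Packet("198.51.100.10", 80, "192.0.2.5", 40001)
    print(fw.check(out), fw.check(reply), fw.check(stray), stateless_filter(stray))
```

The packet that belongs to no logged session is permitted by the stateless filter because its source address is on the ACL, while the stateful filter drops it.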

Network zones

There are three types of networks in the firewall

1) Inside: Those trusted hosts and networks that make up the area to be protected.

2) Outside: Those hosts and networks that pose a threat to the inside network.

3) DMZ: It is a network of shared servers and hosts that provide resources to the inside and outside of the network. The firewall configuration provides free access from the outside to the DMZ, and access from the DMZ to the inside is limited to a number of sessions originating inside.