User manual

2 Your Firewall
A firewall protects networked computers from intentional hostile intrusion that could compromise
confidentiality, corrupt data or cause denial of service. It must have at least two network
interfaces: one for the network it is intended to protect, and one for the network it is exposed to. A
firewall sits at the junction point, or gateway, between the two networks, usually a private network and a
public network such as the Internet.
A firewall examines all traffic routed between the networks. Traffic is forwarded between the networks only
if it meets the configured criteria; otherwise it is filtered out. A firewall filters both inbound and outbound traffic.
Besides controlling public access to private networked resources such as host applications, the
firewall can log all attempts to enter the private network and raise an alarm when a hostile or
unauthorized entry is attempted. Firewalls can filter packets by their source and destination IP
addresses. This is known as address filtering. Firewalls can also filter specific types of network traffic
by port number, which is also known as protocol filtering because the forwarding decision
depends on the protocol in use, for example HTTP, FTP or Telnet. Finally, firewalls can filter traffic by
packet attribute or by state, that is, by whether a packet belongs to a connection that is already established.
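The three filtering criteria just described (address, port/protocol and state) can be seen working together in the following small packet filter. It is an added example, not code from this manual or from the product it describes; the network ranges, hosts, ports and rules are constructed for illustration, and the rule syntax is the example's own, not the product's.

```python
"""Added example (not from the manual): a minimal packet filter that applies
address filtering, port/protocol filtering and state (connection-tracking)
filtering, and logs blocked attempts to enter the private network.
All addresses, ports and rules are constructed for illustration."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str      # "tcp" or "udp"
    direction: str  # "in" (arriving from the public side) or "out" (leaving the private side)


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    direction: str              # "in" or "out"
    src: str = "0.0.0.0/0"      # address filtering: source network
    dst: str = "0.0.0.0/0"      # address filtering: destination network
    proto: str = "any"          # protocol filtering: "tcp", "udp" or "any"
    dport: Optional[int] = None  # port filtering: None matches any port

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))


class Firewall:
    def __init__(self, rules, default="deny"):
        self.rules = list(rules)
        self.default = default          # first matching rule wins; otherwise the default applies
        self.log = []                   # blocked attempts to enter the private network
        self.connections = set()        # state table: (proto, src, sport, dst, dport) of allowed outbound flows

    def _established(self, p: Packet) -> bool:
        # An inbound packet is reply traffic if its reversed 5-tuple was opened from the inside.
        return (p.proto, p.dst, p.dport, p.src, p.sport) in self.connections

    def filter(self, p: Packet) -> str:
        # State filtering: replies to connections opened from the inside pass without a rule.
        if p.direction == "in" and self._established(p):
            return "allow"
        for rule in self.rules:
            if rule.matches(p):
                verdict = rule.action
                break
        else:
            verdict = self.default
        if verdict == "allow" and p.direction == "out":
            self.connections.add((p.proto, p.src, p.sport, p.dst, p.dport))
        if verdict == "deny" and p.direction == "in":
            self.log.append(f"blocked {p.proto} {p.src}:{p.sport} -> {p.dst}:{p.dport}")
        return verdict


def demo() -> dict:
    """Run constructed packets through a constructed rule set; returns the verdicts."""
    private = "192.168.1.0/24"
    fw = Firewall([
        Rule("allow", "out", src=private, proto="tcp", dport=80),           # web browsing out
        Rule("allow", "in", dst="192.168.1.10/32", proto="tcp", dport=25),  # public mail server
        Rule("deny", "in", proto="tcp", dport=23),                          # never Telnet in
    ])
    r = {}
    r["http_out"] = fw.filter(Packet("192.168.1.20", 40000, "203.0.113.5", 80, "tcp", "out"))
    r["http_reply"] = fw.filter(Packet("203.0.113.5", 80, "192.168.1.20", 40000, "tcp", "in"))
    r["unsolicited_to_client"] = fw.filter(Packet("203.0.113.5", 80, "192.168.1.20", 40001, "tcp", "in"))
    r["telnet_in"] = fw.filter(Packet("198.51.100.7", 5555, "192.168.1.10", 23, "tcp", "in"))
    r["smtp_in"] = fw.filter(Packet("198.51.100.7", 5555, "192.168.1.10", 25, "tcp", "in"))
    r["ftp_out"] = fw.filter(Packet("192.168.1.20", 40002, "203.0.113.5", 21, "tcp", "out"))
    r["blocked_logged"] = len(fw.log)
    return r


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The reply to the outbound HTTP request is allowed only because the state table remembers the outbound flow; the same server sending an unsolicited packet to a different client port is dropped and logged, as is the Telnet attempt against the mail server. Outbound FTP is dropped by the default-deny rule but not logged, since the log records only attempts to enter the private network.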
An Internet firewall cannot prevent damage caused by individual users who dial into or out of the
network with modems, because such connections bypass the firewall altogether. Employee misconduct or
carelessness is also outside a firewall's control. Authentication policies, which govern the use and misuse
of passwords and user accounts, must be strictly enforced. These management issues need to be
settled when the security policy is planned; they cannot be solved with an Internet firewall alone.
[Figure: the firewall between the Internet and the local user. Labels: Allowed Traffic; Restricted Traffic; Out to Internet; Specified Allowed Traffic; Unknown Traffic; Access to Specific Destination.]
2.1 Types of Firewall
There are three types of firewall:
2.1.1 Packet Filtering
With packet filtering, the firewall examines the protocol and address information in the header of each
packet and ignores its contents and context (its relation to other packets and to the intended application).
The firewall pays no attention to applications on the host or local network and "knows" nothing about
the sources of incoming data. Filtering consists of examining incoming and outgoing packets and
deciding, by a set of configurable rules, whether each packet is dropped or forwarded. Network Address Translation (NAT)
routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of
computers behind the firewall, and offer a level of circuit-based filtering.
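The NAT behaviour mentioned above, hiding private addresses behind one public address and admitting only packets that answer an existing mapping, is shown in the following added example. It is not code from this manual or from the product it describes; the public address, private hosts, remote servers and port range are constructed, and the translation-table design is the example's own.

```python
"""Added example (not from the manual): a minimal NAT router. Outbound packets
are rewritten to the router's public address and a fresh public port; inbound
packets are forwarded only if they match a mapping created by an earlier
outbound packet, which is the circuit-based filtering NAT provides.
All addresses and ports are constructed for illustration."""
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class NatRouter:
    def __init__(self, public_ip: str, first_port: int = 50000):
        self.public_ip = public_ip
        self.next_port = first_port
        # (private_ip, private_port, remote_ip, remote_port) -> public port
        self.outbound = {}
        # (public port, remote_ip, remote_port) -> (private_ip, private_port)
        self.inbound = {}

    def translate_out(self, p: Packet) -> Packet:
        """Rewrite a packet leaving the private network; create a mapping on first use."""
        key = (p.src, p.sport, p.dst, p.dport)
        if key not in self.outbound:
            port = self.next_port
            self.next_port += 1
            self.outbound[key] = port
            self.inbound[(port, p.dst, p.dport)] = (p.src, p.sport)
        return replace(p, src=self.public_ip, sport=self.outbound[key])

    def translate_in(self, p: Packet) -> Optional[Packet]:
        """Rewrite a packet arriving from the Internet, or return None to drop it.

        The lookup includes the remote address and port, so only the peer that
        the inside host contacted can use the mapping."""
        mapping = self.inbound.get((p.dport, p.src, p.sport))
        if mapping is None:
            return None  # no circuit exists for this packet: dropped
        private_ip, private_port = mapping
        return replace(p, dst=private_ip, dport=private_port)


def demo() -> dict:
    """Two inside hosts using the same local port reach one server; replies come back correctly."""
    nat = NatRouter("203.0.113.1")
    out1 = nat.translate_out(Packet("192.168.1.20", 40000, "198.51.100.7", 80))
    out2 = nat.translate_out(Packet("192.168.1.21", 40000, "198.51.100.7", 80))
    reply1 = nat.translate_in(Packet("198.51.100.7", 80, "203.0.113.1", out1.sport))
    reply2 = nat.translate_in(Packet("198.51.100.7", 80, "203.0.113.1", out2.sport))
    unsolicited = nat.translate_in(Packet("198.51.100.7", 80, "203.0.113.1", 50999))
    other_peer = nat.translate_in(Packet("192.0.2.9", 80, "203.0.113.1", out1.sport))
    return {
        "out1_src": out1.src,
        "out1_port": out1.sport,
        "out2_port": out2.sport,
        "reply1_dst": (reply1.dst, reply1.dport) if reply1 else None,
        "reply2_dst": (reply2.dst, reply2.dport) if reply2 else None,
        "unsolicited_dropped": unsolicited is None,
        "other_peer_dropped": other_peer is None,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The remote server only ever sees 203.0.113.1 and two distinct public ports; the private 192.168.1.x addresses never leave the router. A packet to a public port with no mapping, or from a peer other than the one the inside host contacted, is dropped even though no explicit deny rule exists.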