n
- a choke point of control and monitoring
- interconnects networks with differing trust
- imposes restrictions on network services : only authorized traffic is allowed
- auditing and controlling access
n
- can implement alarms for abnormal behavior :provide NAT & usage monitoring
- implement VPNs using IPSec
- must be immune to penetration
:: Firewall Limitations ?
- cannot protect from attacks bypassing it
- cannot protect against internal threat
- cannot protect against transfer of all virus infected programs or files
::3 Common types of firewall
a) packet filters
- simple,fast and transparent
- foundation of any firewall system
- examine each IP packet (no context) and permit or deny according to rules
- hence restricted access to services (ports)
- possibles defaults policies
b) Application Level Gateway (Proxy)
- have application specific gateway/proxy
-has full access of protocol
- need separate proxies for each services
c) Circuit Level Gateway
- relays 2 TCP connections
- imposes security by limiting which such connection are allowed
- one created usually relay traffic without examining contents
- used when trust internal users'
- SOCKS commonly used
