Firewalls can be categorized into the following types:
Packet filtering: The system examines each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Circuit-level gateway implementation: This process applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Acting as a proxy server: A proxy server is a type of gateway that hides the true network address of the computer(s) connecting through it. A proxy server connects to the Internet, makes the requests for pages, connections to servers, etc., and receives the data on behalf of the computer(s) behind it. The firewall capabilities lie in the fact that a proxy can be configured to allow only certain types of traffic to pass (e.g., HTTP files, or web pages). A proxy server has the potential drawback of slowing network performance, since it has to actively analyze and manipulate traffic passing through it.
Web application firewall: A web application firewall is a hardware appliance, server plug-in, or some other software filter that applies a set of rules to an HTTP conversation. Such rules are generally customized to the application so that many attacks can be identified and blocked.
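
The difference between the first two types, as an added example that is not part of the original post: a stateless packet filter checks every packet against ordered rules, while a circuit-level gateway checks only when the connection is set up. The `Packet` and `Rule` fields, the first-match ordering, the default-reject policy and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str                 # "tcp" or "udp"
    opens_conn: bool = False   # True for the packet that sets up the connection

@dataclass(frozen=True)
class Rule:
    action: str                # "accept" or "reject"
    src_net: str
    dport: Optional[int]       # None matches any port
    proto: str

    def matches(self, p: Packet) -> bool:
        # Only header fields are consulted, including the claimed source address.
        return (p.proto == self.proto
                and ip_address(p.src) in ip_network(self.src_net)
                and self.dport in (None, p.dport))

def packet_filter(rules, p, default="reject"):
    """Stateless filter: every packet is checked; the first matching rule wins."""
    return next((r.action for r in rules if r.matches(p)), default)

class CircuitGateway:
    """Applies the rules once, at connection setup, then passes the session."""
    def __init__(self, rules):
        self.rules, self.sessions = rules, set()

    def handle(self, p: Packet) -> str:
        key = (p.src, p.sport, p.dst, p.dport, p.proto)
        if key in self.sessions:
            return "accept"    # established connection: no further checking
        if p.opens_conn and packet_filter(self.rules, p) == "accept":
            self.sessions.add(key)
            return "accept"
        return "reject"

# Constructed sample policy (addresses are from private/documentation ranges).
RULES = [
    Rule("reject", "10.0.5.0/24", 22, "tcp"),
    Rule("accept", "10.0.0.0/16", 22, "tcp"),
    Rule("accept", "0.0.0.0/0", 443, "tcp"),
]
```

Tightening `rules` on a `CircuitGateway` does not affect connections already in `sessions`, whereas `packet_filter` applies the new rules to the very next packet.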