What are the different types of firewalls?
The National Institute of Standards and Technology (NIST) 800-10 divides firewalls into three basic types:
These three categories, however, are not mutually exclusive, as most modern firewalls have a mix of abilities that may place them in more than one of the three. For more information and detail on each category, see the NIST Guidelines on firewalls and firewall policy.
One way to compare firewalls is to look at the Transmission Control Protocol/Internet Protocol (TCP/IP) layers that each is able to examine. TCP/IP communications are composed of four layers; they work together to transfer data between hosts. When data transfers across networks, it travels from the highest layer through intermediate layers to the lowest layer; each layer adds more information. Then the lowest layer sends the accumulated data through the physical network; the data next moves upward, through the layers, to its destination. Simply put, the data a layer produces is encapsulated in a larger container by the layer below it. The four TCP/IP layers, from highest to lowest, are described further in the figure below.
Firewall implementation
The firewall remains a vital component in any network security architecture, and today's organizations have several types to choose from. It's essential that IT professionals identify the type of firewall that best suits the organization's network security needs.
Once selected, one of the key questions that shapes a protection strategy is "Where should the firewall be placed?" There are three common firewall topologies: the bastion host, screened subnet and dual-firewall architectures. Enterprise security depends on choosing the right firewall topology.
The next decision to be made, after the topology is chosen, is where to place individual firewall systems within it. At this point, there are several types to consider, such as bastion host, screened subnet and multi-homed firewalls.
Remember that firewall configurations do change quickly and often, so it is difficult to keep on top of routine firewall maintenance tasks. Firewall activity, therefore, must be continuously audited to help keep the network secure from ever-evolving threats.
Network layer firewalls
Network layer firewalls generally make their decisions based on the source address, destination address and ports in individual IP packets. A simple router is the traditional network layer firewall, since it is not able to make particularly complicated decisions about what a packet is actually talking to or where it actually came from.
One important distinction many network layer firewalls possess is that they route traffic directly through them, which means in order to use one, you either need to have a validly assigned IP address block or a private Internet address block. Network layer firewalls tend to be very fast and almost transparent to their users.
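The following is an added example, not code from the original article: a minimal stateless packet filter of the kind described above, which decides on nothing more than the source address, destination address, protocol and destination port of each packet. The rule set, the IP ranges (RFC 5737 documentation addresses) and the sample packets are all constructed for illustration; rules are evaluated first-match-wins with an implicit default deny, which is the convention most packet-filtering routers follow.

```python
import ipaddress
from dataclasses import dataclass
from typing import Collection, List, Optional


@dataclass(frozen=True)
class Packet:
    """Only the header fields a network layer firewall can see."""
    src: str
    dst: str
    proto: str                 # "tcp", "udp" or "icmp"
    dport: Optional[int] = None  # None for protocols without ports (icmp)


@dataclass(frozen=True)
class Rule:
    action: str                            # "allow" or "deny"
    src: str = "0.0.0.0/0"                 # CIDR; default matches any source
    dst: str = "0.0.0.0/0"                 # CIDR; default matches any destination
    proto: Optional[str] = None            # None matches any protocol
    dports: Optional[Collection[int]] = None  # None matches any port

    def matches(self, pkt: Packet) -> bool:
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.dports is not None and (pkt.dport is None or pkt.dport not in self.dports):
            return False
        return True


def decide(rules: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; a packet that matches no rule is dropped (default deny)."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


# Constructed rule set for a small DMZ: 203.0.113.10 is a public web server,
# 203.0.113.20 is an SSH jump host reachable only from the 198.51.100.0/24 office range.
SAMPLE_RULES = [
    Rule("deny", src="192.0.2.99/32"),                               # one blocked host, listed first so it wins
    Rule("allow", dst="203.0.113.10/32", proto="tcp", dports={443}),  # HTTPS from anywhere
    Rule("allow", src="198.51.100.0/24", dst="203.0.113.20/32",
         proto="tcp", dports={22}),                                  # SSH from the office only
]

# Constructed sample traffic, one packet per case the rule set is meant to cover.
SAMPLE_PACKETS = [
    ("https from the internet", Packet("192.0.2.7", "203.0.113.10", "tcp", 443)),
    ("https from the blocked host", Packet("192.0.2.99", "203.0.113.10", "tcp", 443)),
    ("ssh from the office", Packet("198.51.100.5", "203.0.113.20", "tcp", 22)),
    ("ssh from the internet", Packet("192.0.2.7", "203.0.113.20", "tcp", 22)),
    ("udp to the web port", Packet("192.0.2.7", "203.0.113.10", "udp", 443)),
    ("icmp echo to the web server", Packet("192.0.2.7", "203.0.113.10", "icmp")),
]


def run_sample() -> List[tuple]:
    """Evaluate every constructed packet against the constructed rule set."""
    return [(label, decide(SAMPLE_RULES, pkt)) for label, pkt in SAMPLE_PACKETS]


if __name__ == "__main__":
    for label, verdict in run_sample():
        print(f"{verdict:5}  {label}")
```

Note what the filter never looks at: the payload, the application protocol, or whether an inbound packet is a reply to a connection a protected host opened. That is the speed-for-visibility trade the section describes, and it is why rule order and an explicit default deny matter so much in a stateless filter.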
Application layer firewalls
Application layer firewalls are hosts that run proxy servers, which permit no traffic directly between networks, and they perform elaborate logging and examination of traffic passing through them. Since proxy applications are simply software running on the firewall, it is a good place to do logging and access control. Application layer firewalls can be used as network address translators, since traffic goes in one side and out the other after having passed through an application that effectively masks the origin of the initiating connection.
However, run-of-the-mill network firewalls can't properly defend applications. As Michael Cobb explains, application layer firewalls offer Layer 7 security on a more granular level, and may even help organizations get more out of existing network devices.
In some cases, having an application in the way may impact performance and make the firewall less transparent. Older application layer firewalls that are still in use are not particularly transparent to end users and may require some user training. However, more modern application layer firewalls are often totally transparent. Application layer firewalls tend to provide more detailed audit reports and tend to enforce more conservative security models than network layer firewalls.
Future firewalls will likely combine some characteristics of network layer firewalls and application layer firewalls. It is likely that network layer firewalls will become increasingly aware of the information going through them, and application layer firewalls have already become more transparent. The end result will be kind of a fast packet-screening system that logs and checks data as it passes through.
Proxy firewalls
Proxy firewalls offer more security than other types of firewalls, but at the expense of speed and functionality, as they can limit which applications the network supports.
Why are they more secure? Unlike stateful firewalls or application layer firewalls, which allow or block network packets from passing to and from a protected network, traffic does not flow through a proxy. Instead, computers establish a connection to the proxy, which serves as an intermediary, and initiate a new network connection on behalf of the request. This prevents direct connections between systems on either side of the firewall and makes it harder for an attacker to discover where the network is, because they don't receive packets created directly by their target system.
Proxy firewalls also provide comprehensive, protocol-aware security analysis for the protocols they support. This allows them to make better security decisions than products that focus purely on packet header information.
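The following is an added example, not code from the original article, showing the two proxy properties just described: no packet passes through, because the proxy terminates the client's connection and opens a separate connection of its own toward the protected host, and the proxy can inspect the application data before deciding whether to forward at all. Everything here is constructed: the "protected" server is an echo service on loopback, the proxy's protocol check is a placeholder that only admits requests beginning with `GET `, and the addresses and ports are whatever the OS assigns. The demo records which peer address each side observes so the isolation is visible in the result rather than just asserted.

```python
import socket
import threading


def _relay(src: socket.socket, dst: socket.socket) -> None:
    """Copy bytes one way until the sender closes, then close the receiver's write side."""
    try:
        while True:
            data = src.recv(4096)
            if not data:
                break
            dst.sendall(data)
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def start_echo_backend():
    """Constructed stand-in for the protected server: echoes bytes back and records the peer it saw."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    seen = {}

    def serve():
        conn, peer = srv.accept()
        seen["peer"] = peer            # who the backend believes connected to it
        with conn:
            while True:
                data = conn.recv(4096)
                if not data:
                    break
                conn.sendall(data)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname(), seen


def start_proxy(backend_addr, allowed_prefix: bytes = b"GET "):
    """Proxy firewall: accept the client, inspect the request, then open a fresh connection of its own."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    seen = {}

    def serve():
        client, peer = srv.accept()
        seen["client_peer"] = peer
        first = client.recv(4096)      # application-layer inspection happens here
        if not first.startswith(allowed_prefix):   # placeholder policy, not a real protocol parser
            seen["decision"] = "blocked"
            client.close()
            srv.close()
            return
        seen["decision"] = "allowed"
        upstream = socket.create_connection(backend_addr)   # new connection, proxy's own address
        seen["upstream_local"] = upstream.getsockname()
        upstream.sendall(first)
        pump = threading.Thread(target=_relay, args=(client, upstream), daemon=True)
        pump.start()
        _relay(upstream, client)
        pump.join()
        client.close()
        upstream.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname(), seen


def run_demo(payload: bytes = b"GET /index HTTP/1.0\r\n\r\n") -> dict:
    """Send one constructed request through the proxy and report what each party observed."""
    backend_addr, backend_seen = start_echo_backend()
    proxy_addr, proxy_seen = start_proxy(backend_addr)
    with socket.create_connection(proxy_addr, timeout=5) as c:
        c.sendall(payload)
        c.shutdown(socket.SHUT_WR)
        reply = b""
        while True:
            chunk = c.recv(4096)
            if not chunk:
                break
            reply += chunk
    return {
        "reply": reply,
        "decision": proxy_seen.get("decision"),
        "client_as_seen_by_proxy": proxy_seen.get("client_peer"),
        "client_as_seen_by_backend": backend_seen.get("peer"),
        "proxy_outbound_addr": proxy_seen.get("upstream_local"),
    }


if __name__ == "__main__":
    for label, body in (("allowed request", b"GET /index HTTP/1.0\r\n\r\n"), ("blocked request", b"QUIT\r\n")):
        print(label, run_demo(body))
```

In the allowed case the backend's recorded peer is the proxy's outbound socket, not the client's, and in the blocked case the backend never receives a connection at all. That second outcome is the practical consequence of "traffic does not flow through a proxy": a request the proxy refuses produces no packet on the protected side, so the protected host stays invisible to the requester.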