Every time a corporation connects its internal computer network or LAN to the Internet, it exposes itself to security risks. Because the Internet is open, every corporate network connected to it is vulnerable to virus attack. Crackers on the Internet can break into the corporate network and cause harm in many ways. Some of these are the following:
- They can copy or damage important data.
- They can damage the data on individual computers or the entire network.
- They can use the corporation's computer resources to pose as a corporate employee.
The solution for all these problems and many more is to build ‘firewalls’ to protect the network. Firewalls allow anyone on the corporate network to access the Internet, but they stop crackers, hackers, or others from gaining access to the corporate network and causing damage.
Benefits of Using a Firewall-
The main advantages of using a firewall are as follows:
- Protection from services which are inherently more prone to attacks.
- Access to hosts in the network can be strictly controlled.
- Security is concentrated on a single firewall system. This leads to better implementation of authentication procedures.
- Logging and statistics of network use and misuse.
- Policy enforcement.
Types of Firewall-
A firewall uses a variety of architectures to manage access control. These are:
- Packet-Filtering Firewalls
- Proxy Firewalls
- Stateful Inspection
1. Packet-Filtering Firewalls- This type of firewall examines every packet it comes across and forwards or drops it based on pre-defined rules. This rudimentary firewall provides only essential protection. Packet-filtering firewalls are restrictive since network managers can only define a few parameters.
Many routers and proxy servers use some form of packet filtering that provides firewall capabilities for protecting the network from unauthorized traffic. Administrators can create rules for filtering out unwanted packets and can arrange these rules in the most efficient order. Only a packet that passes all the rules is allowed through, while a packet that violates any rule is dropped.
Packet filtering can be implemented on routers and other devices in two ways:
- Static filtering
- Dynamic filtering
Static Filtering: Static packet filtering provides limited security by configuring selected ports as either permanently open or permanently closed. For example, to deny outside packets access to a company intranet server on port 80 (the standard port number for the Hypertext Transfer Protocol, or HTTP) one could configure the router or firewall to block all incoming packets directed toward port 80.
Dynamic Filtering: Dynamic packet filtering provides enhanced security. It allows selected ports to be opened at the start of a legitimate session and closes them at the end of the session. This is particularly useful for protocols that allocate ports dynamically, for example the File Transfer Protocol (FTP).
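The contrast between the two modes can be seen in a small simulation, added here as an illustration and not taken from any router or firewall product. It assumes active-mode FTP, where the client announces its data port with a `PORT h1,h2,h3,h4,p1,p2` command (port = p1*256 + p2), and a default-deny policy for inbound packets; the class name, method names and addresses are hypothetical.

```python
import re

# Added illustration; names and addresses are hypothetical, packets constructed.
STATIC_CLOSED_INBOUND = {80}   # static rule from the text: inbound port 80 blocked
FTP_CONTROL_PORT = 21
PORT_CMD = re.compile(r"PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")


class DynamicFilter:
    def __init__(self):
        # FTP control session (client, server) -> inbound pinholes it opened
        self.sessions = {}

    def outbound(self, client, server, dport, payload=""):
        """Inside host sends to the Internet; inspect FTP control traffic."""
        if dport != FTP_CONTROL_PORT:
            return "ALLOW"
        pinholes = self.sessions.setdefault((client, server), set())
        m = PORT_CMD.fullmatch(payload.strip())
        if m:
            nums = [int(g) for g in m.groups()]
            if any(n > 255 for n in nums):
                return "DROP"
            ip = ".".join(str(n) for n in nums[:4])
            port = nums[4] * 256 + nums[5]
            # Open a pinhole only back to the client that owns the session,
            # and never on a privileged port.
            if ip != client or port < 1024:
                return "DROP"
            pinholes.add((server, client, port))
        return "ALLOW"

    def inbound(self, src, dst, dport):
        """Outside host sends inward: dropped unless a live pinhole matches."""
        if dport in STATIC_CLOSED_INBOUND:
            return "DROP"
        for pinholes in self.sessions.values():
            if (src, dst, dport) in pinholes:
                return "ALLOW"
        return "DROP"

    def close_session(self, client, server):
        """The control session ended, so its pinholes close with it."""
        self.sessions.pop((client, server), None)
```

A purely static filter would have to leave the whole high-port range permanently open to support the same FTP transfer; here the single data port is reachable only from the one server and only while the control session is alive.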
2. Proxy Firewalls-
This type of firewall acts as an intermediary for user requests, setting up a second connection to the desired resource either at the application layer (an application proxy) or at the session or transport layer (a circuit relay). Proxy firewalls tend to take a performance hit since they rely on the application layer. They are restrictive when it comes to allowing or denying evolving or new types of applications.
3. Stateful Inspection Firewalls-
This is the new generation of firewall technology, patented by Check Point Software Technologies. Stateful Inspection provides full application-layer awareness without requiring a separate proxy for every service to be secured. This results in multiple benefits to customers, including excellent performance, reliability, and the ability to support new and custom applications and services quickly and easily.
Stateful inspection architecture is unique in that it understands the state of any communication through the firewall machine, including packet, connection, and application information. Packet filters do not track application or connection state. Application proxies track only application state, not packet or connection state, which may introduce some vulnerabilities.