Firewall Basics Flashcards
The word firewall commonly describes
a system, device, or software
A firewall is placed between
a trusted network and an untrusted network
A firewall is a security device used to
stop or mitigate unauthorized access.
The only traffic allowed on the network
is defined via the firewall policies.
It grants or rejects access to traffic flows between
untrusted and trusted zones
A firewall monitors and checks
incoming and outgoing network-related traffic
It decides to allow or block specific traffic based on
a defined set of security rules.
A firewall can be
hardware, software, or both; it can also be cloud-based or virtual
The first generation of firewall technology consisted of
packet filter techniques.
The second generation of firewall started with
application layer technologies
The third generation of firewall had
“Stateful” filter inspection, also called NGFW
Stateful Firewall:
o It maintains the state of the connection when a packet is travelling through the appliance.
o A stateful firewall maintains the state of the connection in the firewall's state table.
o After adding the information to the state table, it forwards the packet to the destination.
o When it receives the reply packet, it matches the packet information against the state table.
o If the reply packet matches, it is accepted; otherwise it is dropped.
Simplified Packet Flow
Stateless Firewalls:
o Stateless Firewalls watch network traffic and restrict or block the packets.
o These firewalls restrict or block packets based on source and destination addresses.
o Stateless firewalls also restrict or block packets based on other static values.
o Stateless Firewalls are not ‘aware’ of the traffic patterns or the data flows.
o A stateless firewall filter is also known as an Access Control List (ACL).
o A stateless firewall does not statefully inspect the traffic or keep records.
o It evaluates packet contents statically and does not keep track of connection state.
o An example of a packet filtering firewall is the Extended ACL on Cisco Routers
Packet Filtering Firewall:
o In a packet filtering firewall, packets are filtered using an Access List (ACL).
o A packet filtering firewall is easily vulnerable to IP spoofing attacks.
o Cisco IOS uses Standard, Extended, Named ACLs, etc. to filter traffic.
o It limits the information allowed into a network based on the destination and source addresses.
o A packet filtering firewall can only be implemented at the Network and Transport layers.
o Packet Filtering Firewall filters packets based on address and port number only.
Proxy Firewall:
o A proxy firewall works as a proxy for clients on the internal LAN.
o No direct communication occurs between client & destination server.
o It takes a request from a client and puts that client on hold for a moment.
o It then makes the request to the final destination as if it were its own.
o A proxy firewall is memory- and disk-intensive at the proxy server or device.
o Proxy Firewall could potentially be a single point of failure in the network.