Firewalls Flashcards
What are the principal types of firewalls?
Packet-filtering firewall
Stateful packet inspection firewall
Application-level gateway
Circuit-level gateway
What are the two ways firewalls are organized?
Single firewall inline
Simply puts a firewall between an external and internal router.
Double firewall inline
Puts a demilitarized zone (DMZ) between an external and internal firewall. Used for systems that need to be externally accessible but still protected.
Packet-filtering firewall
Filters individual packets on the basis of packet headers such as port numbers, IP addresses, file types and malware signatures.
Wildcard mask
A mask indicating which parts of an IP address a particular rule is checked against when matching IP addresses.
e.g. DENY 20.1.1.1 with mask 0.0.255.255 means “deny all IP addresses of the form 20.1.x.y”
Stateful packet inspection firewall
Reviews the same packet information as a packet-filtering firewall, but also filters packets on the basis of a directory of established connections.
Application-level gateway
An application-level gateway, also known as a proxy server, is a type of gateway that operates at the application layer of the OSI model. The gateway need not be a physical device.
Filters packets based on applications or certain features of applications.
Circuit-level gateway
A circuit-level gateway operates at the session layer of the OSI model. It establishes and maintains a connection between two devices, but does not examine the contents of the packets passing through the connection.
Determines which TCP connections will be allowed.
Single firewall inline
A single firewall between an external and internal router. Used for simple internal network protection.
Double firewall inline
A demilitarized zone (DMZ) between an external and internal router. Used to set up a network of systems that must be externally accessible, but still protected.
What is a firewall?
A firewall is a single fortified point of entry for a computer network.