Firewalls

Question 1

Types of Firewalls:
Packet-filtering

Answer 1

Examines packets entering or leaving the network, either accepting or rejecting the packet based on user-defined rules.
Low level operation of the TCP/IP protocol stack, not examining the data in the packet.

Question 2

Stateful packet inspection

Answer 2

Monitors the state of active connections, making decisions based on the context of the traffic and state of the network.
Provides a balance between performance and security.

Question 3

Application-level

Answer 3

Filters incoming traffic between the network and the traffic source, operating at the application layer.
Inspects the data being sent and blocks harmful content or software.

Question 4

Circuit-level

Answer 4

Circuit-level gateways or circuit-level firewall
Monitors TCP handshakes across the firewall to determine if the session is legitimate.
Operates at the session layer of the OSI model.

Question 5

Is there a firewall that bundles all of these various features?

Answer 5

Next-Generation Firewalls (NGFW)
Incorporates features of traditional firewalls with quality of service (QoS) functionalities.
Includes additional features like application awareness, integrated intrusion prevention, and cloud-delivered threat intelligence.
Intrusion Detection Systems (IDS)
Monitors networks or systems for malicious activity or policy violations.
Can be network-based (NIDS) or host-based (HIDS).
Intrusion Prevention Systems (IPS)
Similar to IDS but with the ability to prevent detected threats.
Actively blocks or prevents intrusions in real-time.
Unified Threat Management (UTM)
Combines and integrates various security services and features
Firewall
IDS/IPS
Antivirus
Gateway anti-spam
Content filtering