5 Using Firewalls

This chapter will focus on the following topics:

  • the role a firewall plays;
  • the types of firewalls:
    - NAT firewall,
    - packet-filtering firewall,
    - stateful firewall,
    - application firewall;
  • setting up a firewall;
  • different firewall strategies;
  • ACL-based firewalls:
    - IPv4 ACLs,
    - IPv6 ACLs;
  • zone-based firewalls:
    - the types of security zones in a network,
    - rules applied to inter-zone traffic,
    - configuring a ZFW.

5.1. Introducing firewalls

A firewall is a software or hardware system placed between a trusted network and an untrusted one. Its main purpose is to filter traffic and prevent unwanted traffic from crossing the boundary between the two. To do this, a firewall must meet the following recommendations:

  • it must be resistant to attacks;
  • it must be the only transit point between the two networks;
  • it must ensure that the organization’s access control strategy is applied.

5.2. Types of firewalls

There are different kinds of firewalls. Some of these are:

  • NAT firewall: this hides a private IP address by translating it into a public IP address;
  • packet-filtering firewall: this filters packets at Layer 3 or Layer 4 of the OSI model. This kind of firewall is simple to configure but is also vulnerable to identity-spoofing attacks;
  • stateful firewall: this carries out the same function as a packet-filtering firewall and also keeps track of the state of network connections (i.e. ...
