3.1 Chapter objectives
■ Identifying the advantages and disadvantages of stateless and
stateful packet filters
■ Implementing circuit-level gateways
■ Certifying application proxies
■ Selecting criteria
As previously explained, a firewall puts up a barrier that controls the
flow of traffic among domains, hosts, and networks. The safest firewall
blocks all traffic, but that defeats the purpose of making the
connection. According to a logical security policy, you need strict
control over selected traffic. Organizations typically put a firewall
between the public Internet and a private and trusted network.
A firewall can also conceal the topology of your inside networks and
network addresses from public view, here, as well as elsewhere. But,
that’s only the beginning.
This chapter is intended to present a brief overview of firewall types
available, as well as the relative advantages and disadvantages of each.
It is intended to lay out a general roadmap for administrators who want
to publish information for public consumption while preventing
unauthorized access to their private or confidential network.
The information presented in this chapter is intended to simplify
what can sometimes be intimidating or complex security and network
setups. This chapter is not intended to be a complete manual on
firewall types. Unfortunately, the nature of firewall technology does