Firewall Basics

James E. Goldman, Purdue University

Introduction

Overall Firewall Functionality

Firewall Functionality

Background

Bad Packet Filtering

Address Filtering

Port Filtering

Domain Filtering

Network Address Translation

Data Inspection

Virus Scanning and Intrusion Detection

Other Functions

Firewall Types

Bastion Host

Packet Filtering Firewalls

Circuit-Level Gateways and Proxies

Application Gateways

Trusted Gateway

Stateful Firewalls

Internal Firewalls

Virtual Firewalls and Network-Based Firewall Services

Switched Firewalls—Air Gap Technology

Small Office Home Office Firewalls

Firewall Functionality and Technology Analysis

Conclusion

Glossary

Cross References

Further Reading

INTRODUCTION

When an organization or individual links to the Internet, a two-way access point out of and into their information systems is created. To prevent unauthorized activities between the Internet and the private network, a specialized hardware, software, or software–hardware combination known as a firewall is often deployed.

Overall Firewall Functionality

Firewall software often runs on a dedicated server between the Internet and the protected network. Firmware-based firewalls and single-purpose dedicated firewall appliances are situated in a similar location on a network and provide similar functionality to the software-based firewall. All network traffic entering the firewall is examined, and possibly filtered, to ensure that only authorized activities take place. This process may be limited ...

Get Handbook of Information Security: Threats, Vulnerabilities, Prevention, Detection, and Management, Volume 3 now with O’Reilly online learning.
