Comptia Security+ Article on Firewall Security Advantages and Firewall Functions


by M. Aslam - Date: 2008-11-20 - Word Count: 448 Share This!


The firewall protects an internal network from malicious hackers or software on an external network. Firewalls filter potentially harmful incoming or outgoing traffic. Firewalls are used to subdivide internal networks on the Internet. It also protects individual computers. The five services that firewalls provide are packet filtering, application filtering, proxy server, circuit-level, and stateful inspection.



- Packet Filtering: A packet filtering firewall checks each packet crossing the device. It also inspects the packet headers of all network packets going through the firewall.



Source IP Address: It identifies the host that is sending the packet. Attackers can modify this


field in an attempt to conduct IP spoofing. Firewalls are configured to reject packets that arrive at


the external interface, that is either an erroneous host configuration or an attempt at IP spoofing.


Destination IP Address: This is the IP address that the packet is trying to reach.



IP Protocol ID: Each IP header has a protocol ID that follows. For example, Transmission


Control Protocol (TCP) is ID 6, User Datagram Protocol (UDP) is ID 17, and Internet Control


Message Protocol (ICMP) is ID 1.



Fragmentation Flags: Firewalls examine and forward or reject fragmented packets. A


successful fragmentation attack can allow an attacker to send packets that could compromise an


internal host.



IP Options Setting: This field is used for diagnostics. The firewall is configured to drop network


packets that use this field. Attackers can use this field in conjunction with IP spoofing to redirect


network packets to their systems.



- Application Filtering: This device will intercept connections and performs security inspections. The firewall acts as a proxy for connections between the internal and external network. The firewall enforce access control rules specific to the application. It is also use to check incoming e-mails for virus attachments. These firewalls are often called e-mail gateways.



- Proxy Server: A proxy server takes on responsibility for providing services between the internal and external network. Proxy server can be used to hide the addressing scheme of the internal network. It can also be used to filter requests based on the protocol and address requested.



- Circuit-Level: A circuit-level firewall controls TCP and UDP ports, but doesn't watch the data


transferred over them. If a connection is established, the traffic is transferred without any further


checking.



- Stateful Inspection: An inspection firewall works at the Network layer. It assesses the IP header


information. It also monitors the state of each connection. Connections are rejected if they attempt any actions that are not standard for the given protocol. These listed firewall features can be implemented in combination by a given firewall implementation. Placing a lot of firewalls in series is a common practice to increase security at the network perimeter.


Related Tags: security, firewall, security certification, firewall security, firewall functions, firewall advantages, comptia security


Earn Security+ , CCNP and Network+ Certifications for free.

Your Article Search Directory : Find in Articles

© The article above is copyrighted by it's author. You're allowed to distribute this work according to the Creative Commons Attribution-NoDerivs license.
 

Recent articles in this category:



Most viewed articles in this category: