Firewalls work differently depending on the technology they use. Broadly, they can be classified into three technologies.
- Packet Filtering.
- Proxy Server.
- Stateful Filtering.
Packet Filtering
- This firewall technology passes packets based on source and destination IP address, ports and protocols.
- Whether a packet is passed or blocked is decided on the firewall's interfaces, in the inbound and outbound directions.
- An access list is applied inbound for packets coming from the outside network, and outbound for packets going out from the firewall.
- Inspection takes place at the packet level: each L3 packet is filtered based on source and destination address before passing in or out of the firewall.
In a software firewall, packet filtering is done by a program called a packet filter. The packet filter examines the header of each packet against a specific set of rules and, on that basis, decides to prevent it from passing (called DROP) or allow it to pass (called ACCEPT).
There are three ways in which a packet filter can be configured, once the set of filtering rules has been defined. In the first method, the filter accepts only those packets that it is certain are safe, dropping all others. This is the most secure mode, but it can cause inconvenience if legitimate packets are inadvertently dropped. In the second method, the filter drops only the packets that it is certain are unsafe, accepting all others. This mode is the least secure, but it causes less inconvenience, particularly in casual Web browsing. In the third method, if the filter encounters a packet for which its rules do not provide instructions, that packet can be quarantined, or the user can be specifically queried concerning what should be done with it. This can be inconvenient if it causes numerous dialog boxes to appear, for example, during Web browsing.
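The three configurations described above, as an added example that is not part of the original post: a small first-match packet filter that evaluates header fields only and differs solely in what it does with a packet no rule covers. The `Rule` shape, the `QUARANTINE` verdict name, and the rule sets and addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:                      # header fields only; payload is never inspected
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:                        # hypothetical rule shape for this example
    action: str                    # "ACCEPT" or "DROP"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None    # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))

def filter_packet(packet, rules, default):
    """First matching rule wins; `default` decides packets no rule covers."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed rule sets (documentation address ranges, not from the page).
ALLOW = [Rule("ACCEPT", dst="192.0.2.10/32", proto="tcp", dport=443),
         Rule("ACCEPT", dst="192.0.2.53/32", proto="udp", dport=53)]
BLOCK = [Rule("DROP", src="203.0.113.0/24"),
         Rule("DROP", proto="tcp", dport=23)]

def verdicts(packet):
    """Verdict for one packet under each of the three configurations."""
    return {
        "method1_accept_known_safe": filter_packet(packet, ALLOW, "DROP"),
        "method2_drop_known_unsafe": filter_packet(packet, BLOCK, "ACCEPT"),
        "method3_ask_on_no_match": filter_packet(packet, BLOCK + ALLOW, "QUARANTINE"),
    }

if __name__ == "__main__":
    for p in (Packet("198.51.100.7", "192.0.2.10", "tcp", 443),
              Packet("198.51.100.7", "192.0.2.10", "tcp", 23),
              Packet("198.51.100.7", "192.0.2.10", "tcp", 8080)):
        print(p, verdicts(p))
```

The packet to port 8080 matches no rule in either set, so it is the one where the three methods disagree: dropped under the first, accepted under the second, and held for a decision under the third.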