Aniket Mahule COMPUTER NETWORKS
CREATIVE ASSIGNMENT
TYPES OF COMPUTER NETWORK FIREWALLS
Software Firewalls
A software firewall is installed on the host device.
Accordingly, this type of firewall is also known as a Host
Firewall. Since it is attached to a specific device, it has to
utilize its resources to work. Therefore, it is inevitable for it
to use up some of the system’s RAM and CPU.
If there are multiple devices, you need to install the
software on each device. Since it needs to be compatible
with the host, it requires individual configuration for each.
Hence, the main disadvantage is the time and knowledge
needed to administrate and manage firewalls for each
device.
On the other hand, the advantage of software firewalls is
that they can distinguish between programs while filtering
incoming and outgoing traffic. Hence, they can deny access
to one program while allowing access to another.
Stateful Inspection Firewalls
A stateful inspection firewall keeps track of the state of a
connection by monitoring the TCP 3-way handshake. This
allows it to keep track of the entire connection – from start
to end – permitting only expected return traffic inbound.
When starting a connection and requesting data, the stateful
inspection builds a database (state table) and stores the
connection information. In the state table, it notes the
source IP, source port, destination IP, and destination port
for each connection. Using the stateful inspection method,
it dynamically creates firewall rules to allow anticipated
traffic.
CS18004
Hardware Firewalls
As the name suggests, hardware firewalls are security
devices that represent a separate piece of hardware placed
between an internal and external network (the Internet).
This type is also known as an Appliance Firewall.
Unlike a software firewall, a hardware firewall has its
resources and doesn’t consume any CPU or RAM from the
host devices. It is a physical appliance that serves as a
gateway for traffic passing to and from an internal network.
Proxy Firewalls
A proxy firewall serves as an intermediate device between
internal and external systems communicating over the
Internet. It protects a network by forwarding requests from
the original client and masking it as its own. Proxy means
to serve as a substitute and, accordingly, that is the role it
plays. It substitutes for the client that is sending the request.
Packet-Filtering Firewalls
When it comes to types of firewalls based on their method
of operation, the most basic type is the packet-filtering
firewall. It serves as an inline security checkpoint attached
to a router or switch. As the name suggests, it
monitors network traffic by filtering incoming packets
according to the information they carry.
As explained above, each data packet consists of a header
and the data it transmits. This type of firewall decides
whether a packet is allowed or denied access based on the
header information. To do so, it inspects the protocol,
source IP address, destination IP, source port, and
destination port. Depending on how the numbers match the
access control list (rules defining wanted/unwanted traffic),
the packets are passed on or dropped.
Next-Generation Firewalls
The next-generation firewall is a security device that
combines a number of functions of other firewalls. It
incorporates packet, stateful, and deep packet inspection.
Simply put, NGFW checks the actual payload of the packet
instead of focusing solely on header information.
Unlike traditional firewalls, the next-gen firewall inspects
the entire transaction of data, including the TCP
handshakes, surface-level, and deep packet inspection.
Using NGFW is adequate protection from malware attacks,
external threats, and intrusion. These devices are quite
flexible, and there is no clear-cut definition of the
functionalities they offer. Therefore, make sure to explore
what each specific option provides.
Circuit-Level Gateways
Circuit-level gateways are a type of firewall that work at
the session layer of the OSI model, observing TCP
(Transmission Control Protocol) connections and sessions.
Their primary function is to ensure the established
connections are safe.
In most cases, circuit-level firewalls are built into some
type of software or an already existing firewall.
Like pocket-filtering firewalls, they don’t inspect the actual
data but rather the information about the transaction.
Additionally, circuit-level gateways are practical, simple to
set up, and don’t require a separate proxy server.
Cloud Firewalls
A cloud firewall or firewall-as-a-service (Faas) is a cloud
solution for network protection. Like other cloud solutions,
it is maintained and run on the Internet by third-party
vendors.
Clients often utilize cloud firewalls as proxy servers, but
the configuration can vary according to the demand. Their
main advantage is scalability. They are independent of
physical resources, which allows scaling the firewall
capacity according to the traffic load.
Businesses use this solution to protect an internal network
or other cloud infrastructures (Iaas/Paas).