Basis of various firewalls

Gourav Ajay

Department of information technology, Salem University

IT550 Information Technology Architecture and Security

Dr. Weifeng Chen

Due date 10/15/2023

Introduction

Firewalls are a vital component of network security and provide the first line of defense

against unauthorized access, malware, and other attacks that could compromise the security of

the network. Firewalls employ a range of methods to protect the network, including controlling

access to the network, filtering inbound and outbound traffic, and inspecting packet contents.

There are three main types of firewalls: stateful inspection firewalls, packet filtering firewalls,

and application-level gateways.

1. Stateful inspection firewalls:

Stateful inspection firewalls also known as dynamic packet filtering firewalls,

monitor the state of active connections and selectively allow traffic based on the state

information. These firewalls examine the header information of each packet as well as the

information contained within the packet payload to determine whether the packet should

be allowed or denied. Stateful inspection firewalls have the advantage of being able to

filter out malicious traffic effectively while also allowing legitimate traffic through. They

can prevent network-based attacks like DDoS attacks without affecting the availability of

legitimate connections. However, their disadvantage is that they do not inspect the data

within the packets and are somewhat vulnerable to application-layer attacks. (Sheldon,

n.d.)
2. Packet filtering firewalls:

Packet filtering firewalls are among the earliest types of firewalls and are the most

commonly used. These firewalls filter packets based on their source and destination IP addresses,

protocol types, and port numbers. Packet filtering firewalls operate at the network level,

examining packets as they pass through the firewall and deciding whether to allow or deny them

based on pre-defined rules. Packet filtering firewalls have the advantage of being very fast and

require minimal resources to operate. This makes them suitable for use in high-traffic

environments like data centers or e-commerce websites. However, they are susceptible to

sophisticated attacks, which can exploit the protocols and port numbers that are allowed and

cause damage to the network. (Rountree, n.d.)

3. Application-level gateways:

Application-level gateways also known as proxy firewalls, inspect traffic at the

application level. These firewalls function by acting as an intermediary between the user's

computer and the Internet. They inspect the data contained within the packets to determine

whether it is legitimate or not. The advantage of application-level gateways is that they can

detect and prevent attacks that other types of firewalls cannot. This is because they can interpret

the content of the packets at a higher level of abstraction than other firewalls. However, the

disadvantage of application-level gateways is that they can degrade network performance due to

the added processing and the network overhead required to act as a proxy. (Sahay, n.d.)
Firewalls have become an integral part of network security, and their role in protecting against

cyber threats cannot be overemphasized. Properly configured firewalls provide a high degree of

protection against network-based attacks, and each type of firewall has its own set of advantages

and disadvantages. Selecting the right type of firewall for your network depends on your security

requirements, the complexity of your network, and the specific risks that your network is

exposed to.
 References

ConnectWise. (2021, March 2). Types of Firewalls. ConnectWise Blog

https://www.connectwise.com/blog/cybersecurity/types-of-firewalls

ScienceDirect. Packet Filtering Firewall. In Computer Science, Elsevier.

https://www.sciencedirect.com/topics/computer-science/packet-filtering-

firewall

TechTarget. (June 16, 2021). Stateful Inspection.

https://www.techtarget.com/searchnetworking/definition/stateful-

inspection