Firewall Concepts

Firewall (Pre-Reading: Routing Concept)


A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

Nowadays almost all routers have a firewall system; on some devices it is known as ACL, and on others as IP Chain.

Classification of Firewall

Characterized by protocol level, traffic can be controlled in the following ways:

  • Packet filtering
  • Circuit gateways
  • Application gateways
  • A combination of the above is a dynamic packet filter

Firewall Criteria

Most firewall systems provide the following criteria for deploying firewall rules:

  • Applying rules based on traffic direction.

Example: block all traffic coming in through eth0 and exiting through the R1/eth2 interface.

In that case the firewall rules will be:

  • Deny all in interface eth0:10 and out interface eth2
  • Deny all in interface eth0:20 and out interface eth2

  • Based on protocol and direction

Example: block all HTTP traffic coming in through eth0 and exiting through the R1/eth2 interface.

In that case the firewall rules will be:

  • Deny all destination port 80 in interface eth0:10 and out interface eth2
  • Deny all destination port 80 in interface eth0:20 and out interface eth2

  • Based on Protocol
  • Based on Source or Destination or a combination of both
  • Based on combination of Source, Destination and Protocol
  • Based on Source or Destination and Protocol
  • Based on Site Name
  • Based on Site and Protocol
  • Based on Domain
  • Based on Content Type
  • Based on Time, meaning specific firewall rules apply only during a specific time period
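
The two example rule sets above, modelled as an added example (not part of the original page): a small packet filter that checks constructed packets against the rules in order. First-match ordering, a default-allow policy and TCP as the protocol behind port 80 are assumptions; the page states only the deny rules.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    in_if: str                    # interface the packet arrived on
    out_if: str                   # interface the packet would leave through
    proto: str                    # "tcp", "udp", ...
    dport: Optional[int] = None   # destination port, if the protocol has one


@dataclass(frozen=True)
class Rule:
    action: str                   # "deny" or "allow"
    in_if: Optional[str] = None   # None means "any"
    out_if: Optional[str] = None
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        # Every field the rule specifies must equal the packet's field.
        pairs = ((self.in_if, pkt.in_if), (self.out_if, pkt.out_if),
                 (self.proto, pkt.proto), (self.dport, pkt.dport))
        return all(want is None or want == got for want, got in pairs)


def evaluate(rules: List[Rule], pkt: Packet,
             default: str = "allow") -> Tuple[str, Optional[int]]:
    """Return (action, index of the deciding rule); index is None on default."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):          # assumption: first matching rule wins
            return rule.action, index
    return default, None               # assumption: unmatched traffic is allowed


# "Deny all in interface eth0:10 / eth0:20 and out interface eth2"
DIRECTION_BLOCK = [Rule("deny", in_if=i, out_if="eth2")
                   for i in ("eth0:10", "eth0:20")]

# "Deny all destination port 80 in interface eth0:10 / eth0:20 and out interface eth2"
HTTP_BLOCK = [Rule("deny", in_if=i, out_if="eth2", proto="tcp", dport=80)
              for i in ("eth0:10", "eth0:20")]

if __name__ == "__main__":
    # Constructed sample packets, not captured traffic.
    samples = [Packet("eth0:10", "eth2", "tcp", 80),
               Packet("eth0:20", "eth2", "tcp", 443),
               Packet("eth1", "eth2", "udp", 53)]
    for pkt in samples:
        print(pkt, "direction:", evaluate(DIRECTION_BLOCK, pkt)[0],
              "http:", evaluate(HTTP_BLOCK, pkt)[0])
```

Under the port-80 rules a packet to port 443 on the same path is still allowed, so a protocol-and-direction rule only covers the ports it names.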

Further Reading

Advanced Firewall
