Firewalls are everywhere today even many home network have firewalls today. But there are several different types of firewalls. You have hardware, software firewalls, stateful, stateless firewalls, proxy, application, desktop, dual-homed, reverse, etc;
Some of which are explained below:
Stateful Inspection Firewall
Stateful inspection firewalls are your most common type of firewall. Stateful inspection firewalls are much like a your typically packet filtering firewall but it also keeps track of the connection status or the communications and is capable of blocking incoming traffic that does not have a previous connection setup. Stateful inspection firewalls make up the largest type of firewall used today and are common for small business and home networks. This type of firewall is cheap and works well and catches things that a stateless firewall would miss. Although much like anything they are not perfect and hackers have figured out ways around these types of firewalls also stateful firewalls take up more resources than your stateless firewalls and therefore are not as useful in a situation where speed is important and security is not that important.
Stateless Inspection Firewall
A stateless firewall works the same as a stateful inspection firewall only it does not keep track of the connection status like a stateful inspection firewall. Stateless firewalls have a few advantages over stateful firewall one being that they have less overhead and therefore are quicker. Stateless firewalls are good for completely blocking or filtering traffic between subnets but since its less secure than your standard stateful inspection firewall it should not be used as perimeter security for your network.
Specialty Application Firewall
Specialty firewalls are designed to protect specific types of communications over a network for example VPN communications, email, or even instant messaging. For example if you have a specialty firewall for email it could be set up to block junk mail, pornographic content, or even virus. One such firewall is called MailMarshal which scans emails traveling in and out of the network. Some other specialty firewalls or companies that sell them are OpenReach, VocalData, Barracuda Spam Firewall, and Speedware.
Reverse Firewall
Typically a firewall filters incoming traffic as opposed to a reverse firewall which filters outgoing traffic of the network. Reserve firewall is primary used to combat certain types of Denial of Service (DOS) attacks. Take this scenario for example; the company's network is infected with a virus which is designed to flood a bunch of traffic out the network from every infected machine creating a Denial of Service from all the traffic. If the network is equipped with a reverse firewall it can block the unnecessary traffic and send the network administrator an alert. There are several companies that sell reverse firewall solutions such as Cs3 a company that is based out of Los Angeles.
Proxy Firewall
A network protected by a proxy firewall first needs to make a connection with the proxy firewall and allowing the proxy firewall to connect to the outside. This way the inside network is protected from most sniffing based attacks. Proxy firewalls are also capable of doing content filtering and anti-virus checks. One problem with proxy firewalls is that compared to packet-filtering based firewalls it lacks speed and the ability to scale with an organization. On the other hand proxy based firewalls are usually more secure than your typical packet-filtering firewall.
***********************************************************************************
***********************************************************************************
No comments:
Post a Comment