Types of Firewalls
There are two types of firewalls.
1. Filtering Firewalls - that block selected network packets.
2. Proxy Servers (sometimes called firewalls) - that make network connections for you.
Packet Filtering Firewalls
Packet Filtering is the type of firewall built into the Linux kernel.
A filtering firewall works at the network level. Data is only allowed to leave the system if the firewall rules allow it. As packets arrive they are filtered by their type, source address, destination address, and port information contained in each packet.
Many network routers have the ability to perform some firewall services. Filtering firewalls can be thought of as a type of router. Because of this you need a deep understanding of IP packet structure to work with one.
Because very little data is analyzed and logged, filtering firewalls take less CPU and create less latency in your network.
Filtering firewalls do not provide for password controls. User can not identify themselves. The only identity a user has is the IP number assigned to their workstation. This can be a problem if you are going to use DHCP (Dynamic IP assignments). This is because rules are based on IP numbers you will have to adjust the rules as new IP numbers are assigned. I don't know how to automate this process.
Filtering firewalls are more transparent to the user. The user does not have to setup rules in their applications to use the Internet. With most proxy servers this is not true.
Proxy Servers
Proxies are mostly used to control, or monitor, outbound traffic. Some application proxies cache the requested data. This lowers bandwidth requirements and decreases the access the same data for the next user. It also gives unquestionable evidence of what was transferred.
There are two types of proxy servers.
1. Application Proxies - that do the work for you.
2. SOCKS Proxies - that cross wire ports.
Application Proxy
The best example is a person telneting to another computer and then telneting from there to the outside world. With a application proxy server the process is automated. As you telnet to the outside world the client send you to the proxy first. The proxy then connects to the server you requested (the outside world) and returns the data to you.
Because proxy servers are handling all the communications, they can log everything they (you) do. For HTTP (web) proxies this includes very URL they you see. For FTP proxies this includes every file you download. They can even filter out "inappropriate" words from the sites you visit or scan for viruses.
Application proxy servers can authenticate users. Before a connection to the outside is made, the server can ask the user to login first. To a web user this would make every site look like it required a login.
SOCKS Proxy
A SOCKS server is a lot like an old switch board. It simply cross wires your connection through the system to another outside connection.
Most SOCKS server only work with TCP type connections. And like filtering firewalls they don't provide for user authentication. They can however record where each user connected to.
gurjeet
Press release: MWTI,LLC now has a one, two and three hour fire rated modular building and partition system, unlike others who claim to have these fire ratings you will find only there wall panel is rated not the entire system and are limited in height, you will also find MWTI,LLC competitors have only been tested by Omega test point labs. MWTI,LLC wall and roof assemblies have been tested and approved by Omega test point labs, United Laboratories UL and Factory Mutual, further we are rated to unlimited height, The system is suitable for interior and exterior use. MWTI,LLC has developed specialty tools to set the panels in place that are required, if you choose to assemble the system yourself or have your own contractor do the work MWTI,LLC has made previsions for the use of such tools. So if you are in need of a 1,2 or 3 hour fire rated partition or building system contact MWTI, LLC for a fast free quote, all of MWTI,LLC office engineering and design work is no charge to you. Remember we have the only system fire rated and by the right organizations UL and Factory Mutual. MWTI,LLC The Fire Stops Here.
0
0