Firewalls
When an organization is connected to the internet, a two-way flow of traffic is created. This is unwanted in most organizations, since information intended only for official use is generally freely available on the company's intranet.
There must be some level of separation between the internet and the organization's intranet. For this purpose a firewall is employed. It is a group of components that together form a barrier between the two.
There are 3 types of firewalls:
APPLICATION GATEWAY: This was the initial type of firewall and is also known as a proxy gateway. It is built from a bastion host. A bastion host is a general-purpose computer running a flavour of the UNIX OS that has been customized to reduce its functionality to only the necessary tasks. Most features of the host are turned off or completely removed in order to provide a high level of security. The host runs special software and acts as a proxy server. This software runs at the Application Layer of the ISO/OSI model.
In this case, when a client needs to connect to the internet, it first connects to the proxy server/host. The proxy server then establishes a connection with the destination and acts on behalf of the client, thereby hiding and protecting it. This leads to the creation of 2 connections: one between the client and the proxy server, and the other between the proxy server and the destination. The proxy server then makes the decision on packet forwarding. Such firewalls are very secure, but they require programs to be written to enable them and allow the traffic to pass.
PACKET FILTERING: This technique uses routers with ACLs (Access Control Lists). These routers have the capability to allow only certain kinds of packets to pass, depending upon various types of information such as destination address, destination port, sender address, etc. This filtering is performed at a lower layer of the ISO/OSI model (transport layer or session layer). Since it is employed at a lower layer it has less overhead, and since packet filtering is done by routers, which are specialized in forwarding selected packets, it is faster.
However, the problem with packet filtering is that there is no means to verify or guarantee the source address, since that address is supplied by the sender and can be spoofed.
HYBRID SYSTEMS: In a hybrid system we try to obtain the security of the application-layer firewall together with the speed and flexibility of packet-filtering firewalls. In such systems, a new connection must be approved and authorised at the application layer. Once this is done, the rest of the connection is passed down to the session layer, where packet filtering simply checks that only those packets are forwarded whose conversation has been approved at the application layer.
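As an added illustration (not part of the original text) of the packet-filtering and hybrid schemes above, the following Python sketch models a router-style ACL with first-match semantics and a hybrid firewall that approves a conversation at the application layer before the packet filter will forward its packets. The Packet and Rule classes, the 10.0.0.0/8 intranet range and the sample policy are all constructed assumptions.

```python
# Added example, not from the original text: router-style ACL packet
# filtering plus the hybrid scheme (application-layer approval, then
# packet-level checks). All addresses, ports and rules are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Set, Tuple

@dataclass(frozen=True)
class Packet:
    src: str    # sender address
    dst: str    # destination address
    proto: str  # "tcp" or "udp"
    dport: int  # destination port

@dataclass(frozen=True)
class Rule:
    action: str           # "permit" or "deny"
    src: str              # CIDR; "0.0.0.0/0" matches any address
    dst: str
    proto: str            # "tcp", "udp" or "any"
    dport: Optional[int]  # None matches any port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))

def acl_decision(rules: List[Rule], p: Packet) -> str:
    """Packet filter: first matching ACL entry wins, implicit deny otherwise."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"

class HybridFirewall:
    """Approve new connections at the application layer, then filter packets."""
    def __init__(self, rules: List[Rule]):
        self.rules = rules
        self.approved: Set[Tuple[str, str, str, int]] = set()
    def approve_connection(self, p: Packet) -> bool:
        # Application-layer stage: consult the ACL and record the conversation.
        if acl_decision(self.rules, p) == "permit":
            self.approved.add((p.src, p.dst, p.proto, p.dport))
            return True
        return False
    def forward(self, p: Packet) -> bool:
        # Session-layer stage: only packets of an approved conversation pass.
        return (p.src, p.dst, p.proto, p.dport) in self.approved

# Constructed policy: the intranet (10.0.0.0/8) may open HTTPS to anywhere, nothing else.
RULES = [Rule("permit", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443)]
```

Note that the filter keys only on addresses and ports it reads from the packet, which is exactly why the text warns that a spoofed source address cannot be detected at this layer.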