Network devices are the most important part of a network. One of them is the firewall. In computing, a firewall is a piece of hardware and/or software that functions in a network to prevent prohibited communications and maintain security, analogous to the function of firewalls in building construction.
A firewall has the basic task of controlling traffic between different zones of trust.
Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust). Its main purpose is to provide controlled connectivity between zones of different trust levels through the enforcement of a security policy and a connectivity model based on the principle of least privilege.
There are three basic types of firewalls, depending on the type of use:
whether the communication takes place between a single node and the network, or between two or more networks;
whether the communication is intercepted at the network layer or at the application layer;
whether the communication is being tracked at the firewall or not.
With respect to the scope of the communication that is filtered, these firewalls exist:
Personal firewall, a software application that normally filters traffic entering or leaving the computer via the Internet.
Network firewall, typically running on a dedicated network device or computer positioned on the border of two or more networks or DMZs (demilitarized zones). Such firewalls filter all traffic entering or leaving the connected networks.
In reference to the layer where the traffic can be intercepted, three main categories of firewalls exist:
Network layer firewalls. An example would be iptables.
Application layer firewalls. An example would be TCP Wrapper.
Application firewalls. An example would be limiting the ftp service via the file /etc/ftpaccess.
The network-layer and application-layer types of firewall may overlap, even though a personal firewall does not serve a network; indeed, single systems have implemented both together.
There is also the notion of an application firewall that is occasionally used in wide area network (WAN) networking on the World Wide Web and governs the system software.
An extended description would place them lower than application layer firewalls, at the operating system layer, and they could in turn be called operating system firewalls.
Finally, depending on whether the firewall tracks packets, two additional categories of firewalls exist:
stateful firewall
stateless firewall

Network layer firewalls

Network layer firewalls operate at a (relatively low) level of the TCP/IP stack as IP-packet filters, not letting packets pass through the firewall unless they comply with the rules.
Administrators can define firewall rules, or the default built-in rules may apply (such as in some inflexible firewall systems).
A more permissive setup could allow any packet to pass through the filter as long as it does not match one or more "negative rules", or "reject rules".
Today network firewalls are built into most computer operating systems and network equipment.
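The two rule policies described above, restrictive (nothing passes unless it complies with a rule) and permissive (everything passes unless a "reject rule" matches), compared on the same packets. This is an added example, not code from the original page; the rule format, the first-match-wins evaluation, and the addresses and ports are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    src_net: str = "0.0.0.0/0"     # default matches any IPv4 source
    dst_net: str = "0.0.0.0/0"     # default matches any IPv4 destination
    proto: Optional[str] = None    # None matches any protocol
    dport: Optional[int] = None    # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst_net)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport))

def filter_packet(rules, default_action, packet):
    """Assumed semantics: first matching rule wins, else the default applies."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default_action

# Restrictive setup: only traffic that matches an allow rule passes.
STRICT = ([Rule("allow", dst_net="192.0.2.10/32", proto="tcp", dport=80)], "deny")
# Permissive setup: everything passes unless a "negative rule" matches.
PERMISSIVE = ([Rule("deny", proto="tcp", dport=23)], "allow")

# Constructed sample packets (documentation address ranges).
SAMPLE = [
    Packet("198.51.100.7", "192.0.2.10", "tcp", 80),   # web request to the server
    Packet("198.51.100.7", "192.0.2.10", "tcp", 23),   # telnet
    Packet("198.51.100.7", "192.0.2.10", "udp", 161),  # service nobody wrote a rule for
    Packet("198.51.100.7", "192.0.2.20", "tcp", 80),   # web request to another host
]

def compare(packets):
    """Return (strict verdict, permissive verdict) for each packet."""
    return [(filter_packet(*STRICT, p), filter_packet(*PERMISSIVE, p)) for p in packets]

if __name__ == "__main__":
    for pkt, verdicts in zip(SAMPLE, compare(SAMPLE)):
        print(pkt, verdicts)
```

The third and fourth packets are the ones no rule anticipated: the restrictive policy drops them, while the permissive one lets them through.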
Modern firewalls can filter traffic based on many packet attributes, such as source IP address, source port, destination IP address or port, or destination service such as WWW or FTP.
They can also filter based on protocols, TTL values, netblock of the originator, domain name of the resource, and other attributes.

Application-layer firewalls

Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application.
They block other packets (usually dropping them without notification to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.
By inspecting all packets for improper content, firewalls can even prevent the spread of viruses and the like.
In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall designs generally do not try this approach.
Source: http://computernetworkingnotes.com