Firewall Types

Ace your homework & exams now with Quizwiz!

Screened-Subnet Firewall

Protects protects the dual-homes firewall host from internal attacks

Transparent proxy

No proxy software necessary. Client's default gateway is set to the proxy server's IP instead of the router. Client does not know they are connected to a proxy

Stateless Firewall

Only analyzes packet header

stateless firewall

Filters packets based on Source Address Destination address Protocol Source/destination Port Address

Application-Layer Firewall

Filters traffic based on packet payload data

Private LAN/intranet

Firewall protects an internal LAN from other internal networks

Stateless Packet Filtering

Firewall type vulnerable to packet IP address spoofing

Screened-Host Firewall

A screening router is placed between a dual-homes host and the public network

Screened-Subnet Firewall

An additional screening router is added between the Screened-host firewall and the Internal Network

Public Zone

Any network not controlled by the network administrator

DMZ (demilitarized zone)

Area between internal and external firewalls Accepts selected external traffic Web servers SMTP servers FTP servers DNS servers SSH

Packer-filtering Firewall (Stateless)

Blocks/allows traffic based in the source or destination IP address Analyzes Layer-3 and Layer-4 headers

Stateful Packet Inspection Firewall

Examines the context of the packet conversation to determine packet validity

Forward and reverse proxy

Forward: Client sends request to proxy and proxy forwards the resource to the client Reverse: Proxy accepts external requests on behalf of the client

Application-Layer Firewall

Inspects packet payloads for suspicious commands (put/get HTTP commands)

Proxy Server

Performs a network function on behalf of another system

Dual-Homed Host Firewalls

Single computer with two physical network interfaces that acts as a gateway between two networks Typically hosts Application-based Firewalls

Proxy Server

Server that offers a caching option to speed up network traffic for other internal clients

Proxy Server

Server that offers lots of logging features to allow admins to closely control external web traffic

NAT (Network Address Translation)

Use a private internal range of addresses to be translated to a public address


Related study sets

8. RNA Processing Part 4: tRNA Transcription and Processing

View Set

Geovisualization I - Lecture Questions

View Set

ITE115 Module 02: Operating Systems and File Management Quiz

View Set

Family Life Education Final Exam Review Guide

View Set

Висловлювання як форма мислення

View Set

802.1X/EAP (CCMP/AES) and its relation to WEP, TKIP, RC4, WPA/WPA2

View Set