Firewalls/OSI Model Layer

Ace your homework & exams now with Quizwiz!

Circuit-Level Gateway Firewall OSI Layer

Layer 5

Application-level firewalls OSI Layer

Layer 7

Packet filter firewalls OSI Layer

Layers 3 and 4

Stateful firewalls OSI Layer

Layers 3 and 4

Packet filter firewalls

These type of firewalls operate at Layer 3 and Layer 4 of the OSI model, which are the Network and Transport layers, respectively. They are simple in that it makes filtering decisions based on the header information of each packet. As a result, packet filter firewalls are not particularly flexible. For example, if you want to configure traffic on a port to flow inbound as well as outbound, you must open up the port in both directions. However, doing so might expose the internal network to undesirable inbound traffic on that port.

Stateful firewalls

These types of firewalls also operate at Layer 3 and Layer 4 of the OSI model. Unlike packet filtering firewalls, these firewalls make filtering decisions based on previous packets that have been sent. For example, if an outbound session is initiated, a this firewall can dynamically allow the return traffic in the inbound direction by creating an entry in the firewall's state table. Inbound traffic from other sources will be blocked unless there is a corresponding outbound session listed in the state table. As a result, these firewalls are more secure than packet filter firewalls.

Application-level firewalls

These types of firewalls can make filtering decisions based on Application layer data. However, to do so, the firewall must be able to understand the corresponding Application layer protocol. As a result, these firewalls are often designed to filter data for a particular Application layer protocol, such as Hypertext Transfer Protocol (HTTP) or File Transfer Protocol (FTP). For example, an HTTP proxy can block malicious HTTP commands or otherwise undesirable Web traffic, but it might not be able to block malicious FTP traffic.

Circuit-Level Gateway Firewall

These types of firewalls monitor the Transmission Control Protocol (TCP) handshake process and allow only legitimate connection attempts. it can provide filtering services for many upper-level protocols, such as those that operate at the Presentation and Application layers. However, it cannot make filtering decisions based on the data contained within those layers, because it does not understand the Application layer or Presentation layer data.


Related study sets

Federal Govt 2305 ch 1-5 Summer Unit 1

View Set

Pre-Assessment: Introduction to Physical and Human Geography D199

View Set

Talk With Your Doc Unit 3 Test - Biomed

View Set

GI Disorders/Management (CC Final, 33)

View Set