Lesson 9
Firewall Types Conclusion
A firewall is the most important aspect of overall security, since it enforces authentication upon all users and monitors all inbound and outbound traffic. This module has discussed the types of firewalls, as well as the protocols, gateways, and devices used to increase security at the network level. You have learned what a firewall is, how it enhances security, and how it enables you to implement strategies at various choke points. You also learned about the advanced features that certain firewall products can provide.
Now that you have completed this module, you should be able to:
- Define and describe firewalls
- Describe the role a firewall plays in a company's security policy
- Define common firewall terms
- Describe packet filter use as a first line of defense
- Describe and configure proxy servers
- Describe circuit-level gateways and their features
- Describe application-level gateways and their features
- Build a firewall using a bastion host
- Assess common firewall designs
Key terms and concepts
- Application-level gateway: Application gateways function at all four layers of the TCP/IP suite. They are typically implemented through software installed on a specialized server. Application gateways are sometimes known as proxy servers.
- Bastion host: A strongly secured device that has a direct network connection to a public network such as the Internet. It can operate as any of the three types of firewalls.
- Circuit-level gateway: Circuit-level gateways are similar to packet filters. The main advantage of circuit-level gateways is their ability to provide network address translation.
- Common Gateway Interface (CGI): A protocol that allows a Web server to pass control to a software application, based on a user request. It also allows that program to receive and organize that information, then return it to the user in a consistent format. A CGI script resides on a Web server, enabling the CGI process.
- Demilitarized zone (DMZ): A network that sits between a company's internal network and the external network. A DMZ is used as an additional buffer to further separate the public network from your internal private network.
- Dual-homed bastion host: Identical in function to a bastion host but must have two network interfaces. Application gateways are typically installed on a dual-homed bastion host.
- Firewall: A security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both.
- Firewall token: A string of information that identifies a specific user as packets pass through the firewall. A token is usually encrypted.
- Gateway: A system that provides relay services between two devices. Gateways can range from an Internet application such as a common gateway interface (CGI) to a firewall gateway that processes traffic between two hosts. The term is very generic and will be used for a firewall component that routes or processes data between two separate networks.
- Internal bastion host: Firewalls that reside inside the internal network and are normally used as application gateways that receive all incoming traffic from external hosts.
- Intrusion detection: Intrusion detection is a relatively new technology used with firewalls. It allows firewalls to perform specified actions when suspicious activity occurs.
- Network Address Translation (NAT): NAT hides internal IP addresses from the external network. When a firewall is configured to provide NAT, all internal addresses are translated to public IP addresses when connecting to an external source.
- Packet filter: A type of firewall device that processes network traffic on a packet-by-packet basis. Packet filter devices allow or block packets, and are typically implemented through standard routers.
- Proxy server: Proxy servers communicate with external servers on behalf of the internal clients. When the terms application gateway or circuit-level gateway are used, they refer to the specific services provided by each form of firewall.
- Screened host firewall: A firewall that uses a bastion host to support both circuit- and application-level gateways and creates a demilitarized zone (DMZ) that functions as an isolated network between the Internet and the internal network.
- Screened subnet firewall: A type of firewall that uses a bastion host to support both circuit- and application-level gateways and creates a demilitarized zone (DMZ) that functions as an isolated network between the Internet and the internal network.
- Screening router: Examines inbound and outbound packets based upon filter rules. Screening router is another term for a packet filter.
- Single-homed bastion host: A bastion host that has only one network interface and is normally used for application-level gateway firewalls.
- Single-purpose bastion host: A separate bastion host dedicated to a single application.
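The packet filter and NAT entries above describe behaviour that is easiest to see in a small model. The following is an added example, not part of the lesson: a stateless, first-match packet filter with a default-deny policy (the "screening router" role) plus the outbound source-address rewrite a NAT-enabled firewall performs. All addresses, rules and packets are constructed sample values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

@dataclass
class Packet:
    src: str      # source IP address
    dst: str      # destination IP address
    proto: str    # "tcp" or "udp"
    dport: int    # destination port

@dataclass
class Rule:
    action: str          # "allow" or "block"
    src: str             # source network in CIDR form
    dst: str             # destination network in CIDR form
    proto: str           # "tcp", "udp" or "any"
    dport: Optional[int] # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))

def filter_packet(rules: List[Rule], p: Packet) -> str:
    """Evaluate one packet against the rule list, packet by packet.
    The first matching rule wins; a packet matching no rule is blocked
    (default deny), which is the safe posture for a first line of defense."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "block"

# Constructed rule set for a small internal network (192.168.10.0/24).
RULES = [
    Rule("block", "0.0.0.0/0", "192.168.10.0/24", "tcp", 23),    # no inbound telnet
    Rule("allow", "0.0.0.0/0", "192.168.10.5/32", "tcp", 80),    # public web server only
    Rule("allow", "192.168.10.0/24", "0.0.0.0/0", "any", None),  # internal hosts outbound
]

# Constructed public address of the firewall (TEST-NET-3 documentation range).
NAT_PUBLIC_IP = "203.0.113.1"

def nat_outbound(p: Packet, public_ip: str = NAT_PUBLIC_IP) -> Packet:
    """NAT: replace the internal source address with the firewall's public address
    so the external network never sees internal addressing."""
    return Packet(public_ip, p.dst, p.proto, p.dport)
```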