Types of firewalls
There are several classifications of firewalls depending on:
- Whether the communication is being done between a single node and the network, or between two or more networks.
- Whether the communication is intercepted at the network layer, or at the application layer.
- Whether the communication state is being tracked at the firewall or not.
- Personal firewalls, a software application which normally filters traffic entering or leaving a single computer. This filtering may be based on the traffic itself or on the identity of the process which is attempting to listen for or send data.
- Network firewalls, normally running on a dedicated network device or computer positioned on the boundary of two or more networks or DMZs (demilitarized zones). Such a firewall filters all traffic entering or leaving the connected networks.
In reference to the layers where the traffic can be intercepted, three main categories of firewalls exist:
- Network layer firewalls. An example would be iptables.
- Application layer firewalls. An example would be TCP Wrappers.
- Application firewalls. An example would be restricting ftp services through /etc/ftpaccess file
There's also the notion of application firewalls which are sometimes used during wide area network (WAN) networking on the world-wide web and govern the system software. An extended description would place them lower than application layer firewalls, indeed at the Operating System layer, and could alternately be called operating system firewalls.
Lastly, depending on whether the firewalls keeps track of the state of network connections or treats each packet in isolation, two additional categories of firewalls exist:
- Stateful firewalls
- Stateless firewalls
No comments:
Post a Comment