
CompTIA Security+ Article on Firewall Security Advantages and Firewall Functions


A firewall protects an internal network from malicious hackers or software on an external network. Firewalls filter potentially harmful incoming or outgoing traffic. Firewalls are also used to subdivide internal networks that are connected to the Internet, and to protect individual computers. The five services that firewalls provide are packet filtering, application filtering, proxy server, circuit-level, and stateful inspection.

• Packet Filtering: A packet filtering firewall checks each packet crossing the device. It inspects the packet headers of all network packets going through the firewall.

Source IP Address: It identifies the host that is sending the packet. Attackers can modify this field in an attempt to conduct IP spoofing. Firewalls are configured to reject packets that arrive at the external interface with a source address belonging to the internal network, since such a packet is either an erroneous host configuration or an attempt at IP spoofing.

Destination IP Address: This is the IP address that the packet is trying to reach.

IP Protocol ID: Each IP header has a protocol ID that identifies the protocol that follows. For example, Transmission Control Protocol (TCP) is ID 6, User Datagram Protocol (UDP) is ID 17, and Internet Control Message Protocol (ICMP) is ID 1.

Fragmentation Flags: Firewalls examine and forward or reject fragmented packets. A successful fragmentation attack can allow an attacker to send packets that could compromise an internal host.

IP Options Setting: This field is used for diagnostics. The firewall is configured to drop network packets that use this field. Attackers can use this field in conjunction with IP spoofing to redirect network packets to their systems.
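The header checks listed above can be expressed as a small filter for packets seen on the external interface. This is an added example, not code from the article; the internal range 10.0.0.0/8, the function names and the sample headers built by `build_header` are assumptions made for illustration.

```python
import ipaddress
import struct

# Assumption for this example: the protected internal network is 10.0.0.0/8.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
ALLOWED_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}  # protocol IDs named in the article


def filter_external_packet(raw, allow_fragments=False):
    """Return (verdict, reason) for an IPv4 packet seen on the external interface."""
    if len(raw) < 20:
        return "DROP", "truncated IPv4 header"
    ver_ihl, _tos, _len, _id, flags_frag, _ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", raw[:20])
    ihl = ver_ihl & 0x0F  # header length in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 5 or len(raw) < ihl * 4:
        return "DROP", "malformed IPv4 header"
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Source IP address: an internal source arriving from outside is misconfigured or spoofed.
    if src_ip in INTERNAL_NET:
        return "DROP", f"internal source {src_ip} on external interface"
    # Destination IP address: inbound traffic must be addressed to the protected network.
    if dst_ip not in INTERNAL_NET:
        return "DROP", f"destination {dst_ip} is not internal"
    # IP options: present whenever the header is longer than five words.
    if ihl > 5:
        return "DROP", "IP options present"
    # Fragmentation: More Fragments flag (0x2000) or a non-zero fragment offset (0x1FFF).
    if not allow_fragments and flags_frag & 0x3FFF:
        return "DROP", "fragmented packet"
    # IP protocol ID: only the listed protocols are passed.
    if proto not in ALLOWED_PROTOCOLS:
        return "DROP", f"protocol ID {proto} not permitted"
    return "ACCEPT", ALLOWED_PROTOCOLS[proto]


def build_header(src, dst, proto, flags_frag=0, options=b""):
    """Build a constructed sample IPv4 header (checksum left at 0, not validated here)."""
    ihl = 5 + len(options) // 4
    return struct.pack(
        "!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4, 1, flags_frag, 64, proto, 0,
        ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed) + options
```

A packet with only the Don't Fragment bit set (0x4000) is not a fragment and passes the fragmentation check.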

• Application Filtering: This device intercepts connections and performs security inspections. The firewall acts as a proxy for connections between the internal and external network. The firewall enforces access control rules specific to the application. It is also used to check incoming e-mails for virus attachments. These firewalls are often called e-mail gateways.

• Proxy Server: A proxy server takes on responsibility for providing services between the internal and external network. A proxy server can be used to hide the addressing scheme of the internal network. It can also be used to filter requests based on the protocol and address requested.

• Circuit-Level: A circuit-level firewall controls TCP and UDP ports, but doesn't watch the data transferred over them. If a connection is established, the traffic is transferred without any further checking.

• Stateful Inspection: An inspection firewall works at the Network layer. It assesses the IP header information. It also monitors the state of each connection. Connections are rejected if they attempt any actions that are not standard for the given protocol.

The firewall features listed above can be implemented in combination by a given firewall. Placing multiple firewalls in series is a common practice to increase security at the network perimeter.
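Stateful inspection, as described above, can be illustrated with a connection table that follows the TCP three-way handshake and rejects segments that do not fit the current state. This is an added example, not code from the article; the class and function names, the simplified state machine and the sample traffic are assumptions for illustration.

```python
class StatefulTcpFilter:
    """Tracks each TCP connection by (inside_ip, inside_port, outside_ip, outside_port)."""

    def __init__(self):
        self.table = {}  # connection key -> state name

    def inspect(self, direction, src, sport, dst, dport, flags):
        """direction: 'out' (internal -> external) or 'in'; flags: set of TCP flag names."""
        key = (src, sport, dst, dport) if direction == "out" else (dst, dport, src, sport)
        state = self.table.get(key)
        if state is None:
            # No entry yet: only an internal host may open a connection, with a bare SYN.
            if direction == "out" and flags == {"SYN"}:
                self.table[key] = "SYN_SENT"
                return "ACCEPT"
            return "REJECT"
        if "RST" in flags or (state == "ESTABLISHED" and "FIN" in flags):
            # Simplification: the first FIN or any RST ends tracking; a real firewall
            # also validates sequence numbers and follows the full close sequence.
            del self.table[key]
            return "ACCEPT"
        if state == "SYN_SENT" and direction == "in" and flags == {"SYN", "ACK"}:
            self.table[key] = "SYN_RECEIVED"
            return "ACCEPT"
        if state == "SYN_RECEIVED" and direction == "out" and flags == {"ACK"}:
            self.table[key] = "ESTABLISHED"
            return "ACCEPT"
        if state == "ESTABLISHED" and "SYN" not in flags:
            return "ACCEPT"
        return "REJECT"  # not a standard step for this connection's current state


def replay(events):
    """Run a list of (direction, src, sport, dst, dport, flags) through a fresh filter."""
    fw = StatefulTcpFilter()
    return [fw.inspect(*event) for event in events]


# Constructed sample traffic between an internal client and an external server.
INSIDE, OUTSIDE = ("10.0.0.5", 40000), ("198.51.100.9", 443)
SAMPLE = [
    ("in", *OUTSIDE, *INSIDE, {"ACK"}),          # unsolicited ACK, no table entry
    ("out", *INSIDE, *OUTSIDE, {"SYN"}),         # internal host opens the connection
    ("in", *OUTSIDE, *INSIDE, {"SYN", "ACK"}),
    ("out", *INSIDE, *OUTSIDE, {"ACK"}),         # handshake complete
    ("in", *OUTSIDE, *INSIDE, {"PSH", "ACK"}),   # data on the established connection
    ("in", *OUTSIDE, *INSIDE, {"SYN"}),          # SYN inside an established connection
    ("in", *OUTSIDE, *INSIDE, {"FIN", "ACK"}),   # close; the entry is removed
    ("in", *OUTSIDE, *INSIDE, {"ACK"}),          # late segment after the entry is gone
]
```

A circuit-level firewall, by contrast, would stop checking once the handshake completes, while this filter keeps evaluating every segment against the table.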

M. Aslam
