The firewall protects an internal network from malicious hackers or software on an external network. Firewalls filter potentially harmful incoming or outgoing traffic. Firewalls are used to subdivide internal networks on the Internet. It also protects individual computers. The five services that firewalls provide are packet filtering, application filtering, proxy server, circuit-level, and stateful inspection.
• Packet Filtering: A packet filtering firewall checks each packet crossing the device. It also inspects the packet headers of all network packets going through the firewall.
Source IP Address: It identifies the host that is sending the packet. Attackers can modify this
field in an attempt to conduct IP spoofing. Firewalls are configured to reject packets that arrive at
the external interface, that is either an erroneous host configuration or an attempt at IP spoofing.
Destination IP Address: This is the IP address that the packet is trying to reach.
IP Protocol ID: Each IP header has a protocol ID that follows. For example, Transmission
Control Protocol (TCP) is ID 6, User Datagram Protocol (UDP) is ID 17, and Internet Control
Message Protocol (ICMP) is ID 1.
Fragmentation Flags: Firewalls examine and forward or reject fragmented packets. A
successful fragmentation attack can allow an attacker to send packets that could compromise an
internal host.
IP Options Setting: This field is used for diagnostics. The firewall is configured to drop network
packets that use this field. Attackers can use this field in conjunction with IP spoofing to redirect
network packets to their systems.
• Application Filtering: This device will intercept connections and performs security inspections. The firewall acts as a proxy for connections between the internal and external network. The firewall enforce access control rules specific to the application. It is also use to check incoming e-mails for virus attachments. These firewalls are often called e-mail gateways.
• Proxy Server: A proxy server takes on responsibility for providing services between the internal and external network. Proxy server can be used to hide the addressing scheme of the internal network. It can also be used to filter requests based on the protocol and address requested.
• Circuit-Level: A circuit-level firewall controls TCP and UDP ports, but doesn't watch the data
transferred over them. If a connection is established, the traffic is transferred without any further
checking.
• Stateful Inspection: An inspection firewall works at the Network layer. It assesses the IP header
information. It also monitors the state of each connection. Connections are rejected if they attempt any actions that are not standard for the given protocol. These listed firewall features can be implemented in combination by a given firewall implementation. Placing a lot of firewalls in series is a common practice to increase security at the network perimeter.- Related Videos
- Related Articles
- Ask / Related Q&A
- Cisco Security Certificates Mechanism And Its Aspects
- Comptia Security+ Article on Firewall Security Advantages and Firewall Functions
- Getting an Isecp Certification
- Internet Security: 8 Proven Tactics to Eliminate Threats from Spam, Viruses, and Hackers
- Start Up Guide to Become an Information Security Consultant
- Online Voting Security Takes a Quantum Leap
- 7 Guidelines for Secure Internet Shopping
- Cisco Networking Certifications - Free Video Tutorials




Examsoon JK0-U31 Practice Exam
By: Adela1987 | 30/12/2009Passing CompTIA E2CJK0-U31 exam may sound difficult but you don't need to fret. Examsoon has seen to it that nothing remains complex for you. The Questions and Answers prepared by Examsoon cover all the potential questions coming in the JK0-U31 exam, as well as the most recurring ones, and the ones being introduced from time to time by CompTIA itself. By preparing with Examsoon, you can be sure of preparing with the best resources possible. This saves your invaluable time and sets you on the rig
Examsoon JK0-603 test exams
By: Adela1987 | 30/12/2009Examsoon CompTIA JK0-603 Exam Benefits: The benefits can be realized immediately after clearing the CompTIA JK0-603 dumps. You leapfrog across such a vast competition, that you leave your peers behind. The level is entirely different up there. You enter a domain of top working professionals, who have also toiled hard to reach that place. Clearing CompTIA JK0-603 exam is enough to make your colleagues jealous of your achievements and now you can trust of your superiors.
Examsoon JK0-010 braindumps exam
By: Adela1987 | 30/12/2009Examsoon.com is your premier source of JK0-010 E2C/Jobs+ Security+ Certificationtest training. With our JK0-010 E2C/Jobs+ Security+ Certification practice tests, no other vendor will be able to compare to quality JK0-010 study guides. our CompTIA JK0-010 braindumps exam is always updated to provide you the most actual information available and this is done with the help of our Examsoon professionals team of certification experts, technical staff, and comprehensive language masters who are always
Pass4side 000-926 exam materials
By: Adela1987 | 30/12/2009Pass4side panel of IT professionals and experts updates 000-926 exam regularly in order to provide candidate of 000-926 exam recently updated, relevant and accurate material. Pass4side has maximum pass ratio among other 000-926 exam providers.
Pass4side JK0-U31 practice test
By: Adela1987 | 30/12/2009With the help of the Pass4side study materials and guidance of CompTIA JK0-U31 certification exam, you can pass your CompTIA JK0-U31 certification exam in your first attempt. Pass4side study materials of JK0-U31 is composed by the contemporary and dynamic Information Technology experts, who use their knowledge and experience to organize you for your future in IT.
Pass4side JK0-602 exam braindumps
By: Adela1987 | 30/12/2009Pass4side provides you everything that you need to pass your CompTIA JK0-602 certification exam. Pass4side also provides you the JK0-602 exam objectives with there detailed and verified answer relevant to your certification.
Examsoon 000-015 study materials
By: Adela1987 | 30/12/2009Examsoon even offers the 100% Money Back Guarantee for 000-015 Exam to help convey to you our confident in our IBM 000-015 Exam products! Examsoon 000-015 Exam can guarantee that combined with proper effort and 000-015 Exam preparation methods, our 000-015 Exam modules will certainly boost your chance of passing the 000-015 Exam exam! We are strongly confident that you will pass your 000-015 Exam exam the first time!
Screen Protector Used In Mobiles And Pdas
By: Baringevelyn | 29/12/2009Screen protector is used to protect the LCD screens of electronic gadgets. PDAs and Touch screen mobiles which are the most common used gadget for which screen protectors are used since these PDAs and mobiles are operated via a stylus and if not used carefully, the tip of the stylus can potentially scratch the sensitive LCD screen so the screen protectors were introduced.
CCENT Tutorial - Introduction to OSI 7 Layer Model
By: M. Aslam | 07/11/2009 | NetworksThe 7 Layer OSI model is hierarchical, and the same benefits and advantages can implement to any layered model. The most-valuable purpose of all such patterns, especially the OSI model, is to let different vendors’ networks to interoperate.
CompTIA A+ Tutorial on Storage Devices, Floppy Drives and Hard Drives
By: M. Aslam | 07/11/2009 | HardwareCompTIA A+ Tutorial - A storage drive reads or saves info to magnetic or visual storage media. It can be used to storage data permanently or to retrieve info from a media disk. Storage drives can be set up inside the computer case, such as a hard drive.
Free CCNA Tutorial
By: M. Aslam | 04/11/2009 | NetworksFree CCNA Tutorial on EIGRP and RTP. EIGRP uses a proprietary protocol called Reliable Transport Protocol (RTP) to deal the communication of substances between EIGRP-speaking routers.
Windows Vista Ultimate Edition Features
By: M. Aslam | 17/12/2008 | SoftwareWindows Ultimate is unique in that it not only features all the features of the other Windows editions, but also includes downloadable Windows Ultimate Extras.
What’s New in Windows Vista?
By: M. Aslam | 17/12/2008 | SoftwareThere’s more. Behind the scenes, Windows Vista is a vastly improved operating system. It’s more secure. It’s less prone to critical failures and file corruption.
Microsoft Windows Vista Features of Different Versions
By: M. Aslam | 17/12/2008 | SoftwareThe company released a number of different Windows Vista editions, each aimed at a different market segment. Windows Vista Starter, which is only available in emerging markets, is a barebones operating system for the simplest computers.
Introducing Microsoft Operating Systems Includes Windows Vista, Xp, 2000, Nt, 3.1 and Dos
By: M. Aslam | 17/12/2008 | SoftwareBasic Information about Microsoft operating systems includes Microsoft Windows Vista, XP, 2000, Windows NT.