I. Background of Firewall

Any device that controls network traffic for security reasons can be called a firewall. It puts up a barrier that controls the flow of traffic between networks and is able to protect the boundary of a university's internal network whilst it is connected to other networks (e.g. the Internet, third-parties' private networks).

The safest firewall would block all traffic, but that defeats the purpose of making the connection. Therefore, the key function of a firewall is to strictly control selected traffic in a secured manner.

There are three major types of firewalls that use different strategies for protecting internal networks from external or internal threats.

Screening Router

Also known as "Packet Filters" the Screening Router is the first generation of firewall devices built on network routers and operate in first three levels of OSI reference model. The device checks for matches to any of the packet filtering rules pre-configured, and drops or rejects the packet accordingly.

Network administrators are required to define a set of rules to instruct the Screening Routers to filter out packets. As most of the applications communicate over the Internet today uses well know ports for particular type of traffic, such as 80 for HTTP and 20 for FTP, the Screening Routers can easily distinguish between, and thus control, those types of traffics unless non-standard ports are used.

The major weakness of Screening Routers is its "stateless" nature - no information on the connection state is examined. Instead, only the low-level information contained in the packet itself will be filtered, such as source/destination address, protocol types, port numbers, etc.

 
Reference:
http://www.windowsecurity.com/whitepapers/General_Firewall_White_Paper.html
http://www.windowsecurity.com/articles/A_firewall_in_an_IT_system.html
Next page >
P.1 of 9