Classifications of Firewalls:
- Packet Filtering
- Circuit Level Gateway
- Application Level Gateway
Architectures of Firewall:
- Screening Router
- Dual Homed Gateway
- Screened-Host Gateway
- Screened Subnet
Classification |
Description |
Advantages |
Disadvantages |
Packet Filtering |
Basic. Operates at Network or Transport Layers. Examines TCP,IP,ICMP,UDP headers from the packet and routes based on a firewall ACL |
|
|
Circuit Level Gateway |
Operates at Session Layer. Uses state information about the established connections. Once the virtual circuit is formed, no packet analysis is done. |
|
|
Application Level Gateway |
Operates at Application Layer. Implemented as a Proxy Server. |
|
|
Architecture |
Description |
Advantages |
Disadvantages |
Screening Router |
Basic Packet Filtering Firewall |
|
|
Dual homed Gateway |
It is bastion host with two network interface cards. It may be connected to an external screening router |
|
|
Screened Host Gateway |
External Screening router and internal Bastion Host. |
|
|
Screened subnet |
Most secure. Forms a DMZ network between external and internal firewall |
|
|
Comments on this entry are closed.