A firewall is a software program or a hardware device that protects a system or a network from unauthorized access by blocking unwanted traffic.
A firewall can allow or deny incoming and outgoing traffic based on a set of rules that are either explicitly configured by an administrator or active by default.
There are three main generations of firewalls:
Packet filters (first generation): These firewalls make decisions based on rules that correspond to one or more network packet attributes. These rules appear in the form of an access control list (ACL). Packet filtering firewalls are also called stateless firewalls because they can only inspect a packet in isolation, and cannot determine what has come before that packet that might provide valuable context.
Stateful firewalls (second generation): In contrast to packet filters, stateful firewalls can identify past traffic that is related to a packet. This means that a stateful firewall can view the entire conversation of a transmission, such as the TCP three-way handshake. Stateful firewalls can, therefore, make more informed decisions about what traffic to deny and what to allow.
Application-layer firewalls (third generation): These firewalls can inspect the contents of application-layer traffic (e.g., protocols like HTTP and FTP) and make decisions based on these contents. An application-layer firewall can detect attempts that leverage known software exploits to bypass traditional packet filtering and stateful inspection.
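The difference between the first two generations can be shown with a small model. The following is an added example, not code from the original page: a stateless ACL and a simplified stateful connection tracker both evaluate the same packets. The addresses, ports, flag strings and the `Packet`, `stateless_allow` and `StatefulFirewall` names are all constructed for illustration.

```python
from collections import namedtuple

# Constructed sample packet; flags use "S"=SYN, "A"=ACK, "SA"=SYN+ACK.
Packet = namedtuple("Packet", "src sport dst dport flags inbound")
INSIDE = "10.0.0.5"      # constructed internal client
OUTSIDE = "203.0.113.9"  # constructed external server (documentation range)

def stateless_allow(pkt):
    """First-generation ACL: each packet is judged in isolation."""
    if not pkt.inbound:
        return pkt.dport == 443  # allow outbound HTTPS
    # Replies must be let in, but the only evidence is the packet itself:
    # source port 443 with ACK set merely looks like a reply.
    return pkt.sport == 443 and "A" in pkt.flags

class StatefulFirewall:
    """Second generation: remembers connections opened from the inside."""
    def __init__(self):
        self.conns = {}  # (client, cport, server, sport) -> handshake state

    def allow(self, pkt):
        if not pkt.inbound:
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "S" and pkt.dport == 443:
                self.conns[key] = "SYN_SENT"
                return True
            if key in self.conns:
                if pkt.flags == "A" and self.conns[key] == "SYN_RCVD":
                    self.conns[key] = "ESTABLISHED"
                return True
            return False
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        state = self.conns.get(key)
        if state == "SYN_SENT" and pkt.flags == "SA":
            self.conns[key] = "SYN_RCVD"
            return True
        return state == "ESTABLISHED"  # inbound needs a tracked connection

def demo():
    fw = StatefulFirewall()
    handshake = [Packet(INSIDE, 50000, OUTSIDE, 443, "S", False),
                 Packet(OUTSIDE, 443, INSIDE, 50000, "SA", True),
                 Packet(INSIDE, 50000, OUTSIDE, 443, "A", False)]
    stray = Packet(OUTSIDE, 443, INSIDE, 50001, "A", True)  # no prior SYN
    # Returns: (stateful verdicts for handshake, stateless stray, stateful stray)
    return [fw.allow(p) for p in handshake], stateless_allow(stray), fw.allow(stray)

if __name__ == "__main__":
    print(demo())
```

The stateless ACL accepts the unsolicited inbound ACK because it matches the "reply" rule on its own, while the stateful tracker drops it because no inside host opened that connection.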