It is a device within a network responsible for determining what traffic is allowed to enter and exit.
Firewall
Firewall Category
Stateful
Stateless
This type of firewall uses the entire information from a connection; rather than inspecting an individual packet, this firewall determines the behaviour of a device based upon the entire connection.
This firewall type consumes many resources in comparison to stateless firewalls as the decision making is dynamic. For example, a firewall could allow the first parts of a TCP handshake that would later fail.
If a connection from a host is bad, it will block the entire device.
Stateful
This firewall type uses a static set of rules to determine whether or not individual packets are acceptable or not. For example, a device sending a bad packet will not necessarily mean that the entire device is then blocked.
Whilst these firewalls use much fewer resources than alternatives, they are much dumber. For example, these firewalls are only effective as the rules that are defined within them. If a rule is not exactly matched, it is effectively useless.
However, these firewalls are great when receiving large amounts of traffic from a set of hosts (such as a Distributed Denial-of-Service attack)
Stateless
What layers of the OSI model do firewalls operate at?
3 & 4
What category of firewall inspects the entire connection?
stateful
What category of firewall inspects individual packets?
stateless
-
What Is Networking?16
-
Introducing LAN11
-
A Primer on Subnetting11
-
ARP9
-
DHCP9
-
OSI Model4
-
Layer 1 - Physical3
-
Layer 2 - Data Link5
-
Layer 3 - Network4
-
Layer 4 - Transport14
-
Layer 5 - Session3
-
Layer 6 - Presentation4
-
Layer 7 - Application3
-
What are Packets and Frames8
-
TCP/IP (The Three-Way Handshake)20
-
UDP/IP12
-
Ports 10114
-
Introduction to Port Forwarding2
-
Firewalls 1018
-
VPN Basics7
-
LAN Networking Devices5
