A firewall is a network system designed to monitor and control a network by scanning incoming and outbound network traffic and data packets according to a set of predefined rules (Zhu & Qiu, 2015). A firewall is implemented to detect and block intrusions and/or malware from entering a local or private network.
Packet Filtering Firewalls
Rouse (2005) defines packet filtering as the process by which data packets are passed into a local network or blocked from entering it depending on their source IP addresses, ports and/or protocols. Packet filtering firewall software is installed on a network to detect and block unwanted network intrusion.
Packet filtering protects computers and network systems within a local network. In the past it checked the sender and receiver IP addresses to determine the location and validity of data packets, but the availability of IP spoofing devices and programs has resulted in additional checks, such as on the User Datagram Protocol (UDP) and Transmission Control Protocol (TCP).
Packet filtering firewalls are commonly installed in, or come bundled with, routing devices, which makes them the cheapest form of LAN firewall protection. The packet filter program inspects the header of every packet entering the network according to predefined rules, for example, an excluded IP location. If the packets are found to be from an intruder, they are dropped; if they are found to be secure, they are accepted.
Packet filtering rules can be defined in three ways:
- accept only packets determined to be secure and drop the rest,
- drop only insecure packets and accept the rest, and
- quarantine or notify the user when packets that are not covered in the filtering rules are received.
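The three rule styles above differ only in what happens to a packet that no rule covers. The following Python code is an added example, not part of the original article; the `Packet`, `Rule` and `filter_packet` names, the rule sets and the sample addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:                        # header fields only (constructed type)
    src: str
    proto: str                       # "tcp" or "udp"
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                      # "accept" or "drop"
    src_net: str = "0.0.0.0/0"       # source network the rule covers
    proto: Optional[str] = None      # None matches any protocol
    dport: Optional[int] = None      # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport))

def filter_packet(p: Packet, rules: list, default: str) -> str:
    """First matching rule wins; `default` decides packets no rule covers."""
    if default not in ("accept", "drop", "notify"):
        raise ValueError(f"unknown default policy: {default}")
    for r in rules:
        if r.matches(p):
            return r.action
    return default

# Constructed rule sets, one per rule style in the list above.
ALLOWLIST = [Rule("accept", "192.0.2.0/24", "tcp", 443)]   # style 1: default "drop"
DENYLIST = [Rule("drop", "203.0.113.0/24")]                # style 2: default "accept"
MIXED = ALLOWLIST + DENYLIST                               # style 3: default "notify"

SAMPLES = [
    Packet("192.0.2.10", "tcp", 443),    # trusted source, allowed service
    Packet("203.0.113.7", "udp", 53),    # excluded source
    Packet("198.51.100.5", "tcp", 23),   # covered by no rule
]

def decisions(rules, default):
    return [filter_packet(p, rules, default) for p in SAMPLES]

if __name__ == "__main__":
    for name, rules, default in [("allowlist", ALLOWLIST, "drop"),
                                 ("denylist", DENYLIST, "accept"),
                                 ("mixed", MIXED, "notify")]:
        print(name, decisions(rules, default))
```

The third sample packet is the one to watch: it is dropped under the first style, accepted under the second, and flagged for the user under the third.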
Application-Gateway Firewalls
Application-gateway firewalls, unlike packet filtering firewalls, are installed between two networks and require large memory and processing power. They are often called application proxies or application-level proxies because they act as a gateway that stands between the client program and the destination service (Rathnayake, De Silva, & Amarasinghe, 2016). When the client attempts to connect to the server, the application-gateway firewall acts as a mediator that validates packets and checks for intrusion. The application proxy, acting as the mediator, protects the client and client information while making all packet-forwarding decisions.
Although they are considered among the most secure firewall protection techniques, their need for large memory and great processing power requires investment in expensive hardware, which makes this an expensive firewall technique. Examples include File Transfer Protocol (FTP), BitTorrent and Telnet (Application Gateway, n.d.).
Circuit Gateway Firewalls
Circuit gateway firewalls monitor handshaking between network packets so as to filter out illegitimate requests. They are located in the session layer of the Open Systems Interconnection (OSI) model, or between the application and transport layers of the TCP/IP model (Kaur, Malhotra, & Singh, 2014).
They hide information about the local network, which helps expose imposters. Compared with other firewall techniques, circuit gateway firewalls are relatively cheap. Unlike packet filtering firewalls, however, they have the disadvantage that they do not handle individual network packets.
Hybrid Firewalls
Hybrid firewalls are used at both the network and application levels because they are a combination of packet filtering firewalls, application-gateway firewalls and circuit gateway firewalls. They are the most secure because they combine the capabilities of the three firewall techniques. They are also the most expensive because they require the hardware and software to put together a system that comprises all the other firewall techniques discussed above.
References
Application Gateway. (n.d.). Retrieved from https://www.techopedia.com/definition/4189/application-gateway.
Kaur, T., Malhotra, V., & Singh, D. (2014). Comparison of network security tools-firewall, intrusion detection system and Honeypot. Int. J. Enhanced Res. Sci. Technol. Eng, 200-204.
Rathnayake, K. D., De Silva, N. H., & Amarasinghe, D. J. (2016). Future Firewall Security Enhancements. Imperial Journal of Interdisciplinary Research, 2(11).
Rouse, M. (2005). Packet Filtering. Retrieved from https://searchnetworking.techtarget.com/definition/packet-filtering.
Zhu, Y., & Qiu, J. (2015). Design and Research of Distribution Network Firewall Protection Terminal. group, 1, 7.