
Firewall

What is a firewall?



A firewall is software and hardware that protects our system from malware, viruses and malicious software, which come into the system by way of a pen drive or a downloaded file.
A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. Rules are of two types, outbound and inbound, and are defined by the user. The firewall protects only incoming services. A firewall controls access to the resources of a network through a positive control model. This means that the only traffic allowed onto the network is defined in the firewall policy; all other traffic is denied.
Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted, and untrusted outside networks such as the Internet.

Types of firewall: The National Institute of Standards and Technology (NIST) 800-10 divides firewalls into four basic types:

  1. Packet filter firewall
  2. Application gateway
  3. Circuit-level gateway
  4. Proxy server firewall

Each type of firewall is described in turn:

1. Packet filter firewall:

This involves looking at each packet entering or leaving the network and accepting or rejecting it on the basis of user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. It is also susceptible to IP spoofing. IP spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host. Newer router and firewall arrangements can offer protection against IP spoofing.
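The positive control model and the packet filter described above can be shown together in a short sketch. This is an added example, not code from the original post: the addresses, interface names ("wan", "lan") and the rule set are constructed for illustration. It evaluates user-defined inbound and outbound allow rules with default deny, and shows the interface check that stops a packet arriving from outside with a forged internal source address.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL_NET = ipaddress.ip_network("192.168.10.0/24")  # constructed sample network

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "wan" (untrusted) or "lan"
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    direction: str  # "inbound" (arrives on wan) or "outbound" (arrives on lan)
    src_net: str
    dst_net: str
    proto: str
    dport: int

# Constructed allow rules. There is no "deny" rule: whatever matches nothing is denied.
RULES = [
    Rule("inbound", "0.0.0.0/0", "192.168.10.5/32", "tcp", 443),
    # Trusts a source address range; a forged source address targets this rule.
    Rule("inbound", "192.168.10.0/24", "192.168.10.5/32", "tcp", 22),
    Rule("outbound", "192.168.10.0/24", "0.0.0.0/0", "udp", 53),
]

def matches(rule, pkt, direction):
    return (rule.direction == direction
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst_net)
            and rule.proto == pkt.proto and rule.dport == pkt.dport)

def filter_packet(pkt, rules=RULES, antispoof=True):
    """Return "allow" or "deny" for one packet."""
    direction = "inbound" if pkt.iface == "wan" else "outbound"
    src = ipaddress.ip_address(pkt.src)
    # Ingress check: an internal source address cannot legitimately arrive from outside.
    if antispoof and pkt.iface == "wan" and src in INTERNAL_NET:
        return "deny"
    # Egress check: traffic leaving the LAN must carry an internal source address.
    if antispoof and pkt.iface == "lan" and src not in INTERNAL_NET:
        return "deny"
    if any(matches(r, pkt, direction) for r in rules):
        return "allow"
    return "deny"  # positive control model: default deny
```

With `antispoof=False` the filter decides on addresses alone, so the forged packet matches the rule that trusts the internal range; with the interface check enabled the same packet is denied before any rule is consulted.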

2. Application gateway:

This applies security mechanisms to specific applications, such as File Transfer Protocol (FTP) and Telnet servers. This is very effective but can impose performance degradation.

3. Circuit-level gateway:

With this, security mechanisms are applied when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.

4. Proxy server:

This is used to intercept all messages entering and leaving the network. The proxy server effectively hides the true network addresses. Most organisations have made this mandatory through their security policy, in the interest of information system protection for users/employees.
