Explain Firewall?


    There is a danger of information leaking out and a danger of information leaking in. In particular, viruses can breach
security, destroy valuable data, and waste large amounts of administrators' time trying to clean up.

    Consequently, mechanisms are needed to keep good bits in and bad bits out. One method is to use IPSec. This approach
protects data in transit between secure sites. However, IPSec does nothing to keep digital pests and intruders from getting onto
the company LAN.

    A firewall is a network security device that grants or rejects network access to traffic flows between an untrusted zone
and a trusted zone. The firewall acts as a point of traffic control: communication should flow through the firewall, and it is
where traffic is granted or rejected access.

    Firewalls enforce access control through a positive control model, which states that only traffic defined in the firewall
policy is allowed onto the network and all other traffic is denied.

    The firewall has two components: two routers that do packet filtering, and an application gateway. Simpler configurations
also exist, but the advantage of this design is that every packet must transit two filters and an application gateway to go in or out.

    Each packet filter is a standard router equipped with some extra functionality. The extra functionality allows every
incoming or outgoing packet to be inspected. Packets that pass the check are forwarded normally. Packet filters are typically
driven by tables configured by the system administrator. These tables list sources and destinations that are blocked, and default
rules about what to do with packets coming from or going to other machines.
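
    The table-driven filtering and the positive control model described above can be sketched as follows. This is an added
example, not part of the original answer; the rule layout, the function names and the addresses (documentation ranges) are
assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str                  # "allow" or "block"
    src: str                     # source network, CIDR notation
    dst: str                     # destination network, CIDR notation
    dport: Optional[int] = None  # destination port; None matches any port

# Constructed sample table, evaluated top to bottom (first match wins).
TABLE = [
    Rule("block", "203.0.113.0/24", "0.0.0.0/0"),     # blocked source network
    Rule("allow", "0.0.0.0/0", "192.0.2.25/32", 25),  # inbound mail to the mail gateway
    Rule("allow", "192.0.2.0/24", "0.0.0.0/0", 80),   # LAN hosts to outside web servers
]
DEFAULT_ACTION = "block"  # positive control model: traffic not in the policy is denied

def matches(rule, src, dst, dport):
    """True when the packet's source, destination and port all fit the rule."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and (rule.dport is None or rule.dport == dport))

def filter_packet(src, dst, dport, table=TABLE, default=DEFAULT_ACTION):
    """Return (action, rule_index); rule_index is None when the default rule applied."""
    for index, rule in enumerate(table):
        if matches(rule, src, dst, dport):
            return rule.action, index
    return default, None

if __name__ == "__main__":
    # Constructed sample packets: (source, destination, destination port).
    packets = [
        ("198.51.100.4", "192.0.2.25", 25),  # mail from outside
        ("203.0.113.7", "192.0.2.25", 25),   # mail from a blocked source
        ("198.51.100.4", "192.0.2.25", 22),  # not in the policy
        ("192.0.2.10", "198.51.100.80", 80), # LAN host browsing out
    ]
    for pkt in packets:
        print(pkt, "->", filter_packet(*pkt))
```

    Rule order matters: the blocked source is rejected even when it targets the mail gateway, because its block entry is
matched before the allow entry for port 25.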

    The second component of the firewall is the application gateway. Rather than just looking at raw packets, the gateway
operates at the application level. For example: a mail gateway.

    Another variant is one in which an attacker has broken into hundreds of computers elsewhere in the world and then commands
all of them to attack the same target at the same time. Not only does this approach increase the attacker's firepower, it also
reduces his chance of detection, since the packets are coming from a large number of machines belonging to unsuspecting users.
Such an attack is called a DDoS (Distributed Denial of Service) attack. This kind of attack is stopped by the firewall.

by Roshni Sikligar in Networking on 10/5/2015 2:33:55 AM
