8/13/2019 Who Many Types of Firewall
1/2
How many types
How many types of firewall are there?
Information applies to:
Products -
Panda GateDefender Integra 100
Panda GateDefender Integra 300
There are various types of firewall, depending on the technology
they use: packet filtering
firewalls, stateful packet filtering firewalls, application
firewalls and dynamic packet filters.Any firewall can be classified
under one or several of these categories.
Packet filtering firewalls
This technology belongs to the first generation of firewalls. It
works at network and
transport layer in the OSI model (layer 3 and 4), analyzing IP
addresses and ports. Each
packet that enters or leaves the network is inspected and
accepted or rejected based on therules defined by the firewall
administrator. Packet filtering is effective and transparent to
network users. Decisions based on packet filtering are taken
rapidly, and therefore this typeof firewall offers optimum
performance.
Some of the problems with this type of firewall are the
following:
They cannot determine if the packet that it has let through
contains some typeof malicious code.
They are difficult to setup and configure. They are vulnerable
to IP Spoofing.
Stateful packet filtering firewalls
This technology belongs to the second generation of firewalls
and validates that packetscorrespond to a connection request or to
a connection between two devices. It applies
security mechanisms when a TCP or UDP connection is
established.
Stateful packet filters keep an internal table with the state of
the connections through the
firewall. This type of firewall decides whether to accept or
reject traffic on a connection-by-connection basis. These decisions
are taken using both the information used by simplepacket filters
and the internal connections filter. Their performance is also
optimum, even
better than that of the simple packet filter, as in order to
decide what to do with a packetcorresponding to a connection, it
only needs to consult the table. Once the connection hasended, its
entry is deleted from the state table and data transmission is
closed.
8/13/2019 Who Many Types of Firewall
2/2
However, the connections table requires memory space, and they
should therefore be runon systems with adequate memory space.
Application firewalls (application proxies)
This type belongs to the third generation of firewalls. It
functions as a server and client,acting as an intermediary between
the systems that want to communication. This type of
firewall allows decisions to be taken based on the data sent by
each application and can
implement authentication for certain protocols. These are
potentially the most secure,although they are also the most complex
and offer the lowest performance. In general, theyare specific for
each application. Application proxies operate at levels 3, 4, 5, 6
and 7
(network, transport, session, presentation and application
levels respectively) of the OSImodel.
This type of firewall uses this knowledge about the information
transferred to provide more
selective blocking and to allow certain types of authorized
applications to function correctly.
They often have the capacity to modify the information
transferred in order to trickapplications into thinking that the
firewall does not exist. Others also incorporate additional
software for more in-depth traffic filtering at application
level, such as antivirus software forHTTP or SMTP traffic or
intrusion detection systems and can generate audits of
theinformation transmitted.
Dynamic packet filters
This type belongs to the fourth generation of firewalls and
allows security rules to bemodified. In this case, two or more
techniques are used to configure the firewall.
