The primary purpose of a firewall is to create a secured zone, which may be accomplished in any number of different ways. A firewall is intended not only to keep unauthorized individuals out of the network, but also to prevent individuals inside the network from going to unauthorized sites.
A firewall typically falls into one of three categories:
- A Bastion host firewall is used to screen the network from security exposure, and is the first line of defense between the network and the internet. This is often a server that is located between the internet and the local area network, and is most commonly seen with small networks.
- A Screened host gateway uses a router between the bastion host and the internet. Typically the router will make use of access control lists (packet filtering), port filtering or application filtering. Once the incoming traffic has been filtered, the traffic that is allowed is sent to the bastion host, which then forwards it to the appropriate server or workstation.
- A Screened subnet gateway typically uses a router on each side of the bastion host.
The DMZ (Demilitarized Zone) is a form of bastion host as seen here, and is the most common type of firewall that is used today. Relay servers are placed in the DMZ, since this is the first line of attack from hackers.
The DMZ type zone may also serve as a honey pot, where attackers are led to believe that this is the honey of the hive. Once the alleged attacker is in the honey pot, the administration may be notified and may increase protection for the corporate intranet.
Taking this further, a honey pot may be created that lures attackers so that they may be identified.
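The packet filtering done by the router in a screened host gateway, as an added example that is not part of the original page: a first-match access control list that permits only traffic addressed to the bastion host and denies everything else. The addresses (documentation ranges), the permitted ports 25 and 443, and the names `Rule` and `filter_packet` are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed address from a documentation range (assumption, not from the page).
BASTION = "192.0.2.10"


@dataclass(frozen=True)
class Rule:
    action: str       # "permit" or "deny"
    src: str          # source network in CIDR form
    dst: str          # destination network in CIDR form
    proto: str        # "tcp", "udp" or "any"
    dport: int = 0    # 0 matches any destination port

    def matches(self, src, dst, proto, dport):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", proto)
                and self.dport in (0, dport))


# Inbound ACL on the router's internet-facing interface, evaluated top down.
INBOUND_ACL = [
    # Anti-spoofing: internal source addresses must never arrive from outside.
    Rule("deny", "10.0.0.0/8", "0.0.0.0/0", "any"),
    # Only the bastion host is reachable, and only on the relayed services.
    Rule("permit", "0.0.0.0/0", f"{BASTION}/32", "tcp", 25),
    Rule("permit", "0.0.0.0/0", f"{BASTION}/32", "tcp", 443),
]


def filter_packet(src, dst, proto, dport, acl=INBOUND_ACL):
    """Return (action, rule index) for the first matching rule; default deny."""
    for index, rule in enumerate(acl):
        if rule.matches(src, dst, proto, dport):
            return rule.action, index
    return "deny", None   # implicit deny: nothing bypasses the bastion host


if __name__ == "__main__":
    samples = [  # constructed packets: (src, dst, proto, dport)
        ("198.51.100.7", "192.0.2.10", "tcp", 25),   # mail to the bastion host
        ("198.51.100.7", "10.1.2.3", "tcp", 445),    # direct to an internal host
        ("10.9.9.9", "192.0.2.10", "tcp", 443),      # spoofed internal source
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(*pkt))
```

The rule index in the result shows which ACL line decided the packet; `None` means the implicit deny at the end of the list applied.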
Copyright ©2002-2010 Testbusters.net. All Rights Reserved.