A firewall is a system that is designed to prevent unauthorized access to or from a private network. You can implement firewalls in your hardware, software or both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks that are connected to the Internet. With all that said, let's talk about some of the different types of firewalls available. Most firewalls use two or more of the following techniques:
- Packet Filters: A packet filter looks at each packet that enters or leaves the network and accepts or rejects the packet based on user-defined rules. Packet
filtering is fairly effective and transparent, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
- Application Gateway: An application gateway applies security mechanisms to specific programs, such as FTP and Telnet. This technique is very effective,
but it can cause performance degradation.
- Circuit-layer Gateway: This technique applies security mechanisms when a Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) connection
is established. After the connection has been established, packets can flow between the hosts without any further checking.
- Proxy Server: A proxy server intercepts all messages that enter and leave the network. The proxy server effectively hides the true network addresses.
- Application Proxies: Application proxies have access to the whole range of information in the network stack. This permits the proxies to make decisions based on basic authorization (the source, the destination and the protocol) and also to filter offensive or disallowed commands in the data stream. Application proxies are "stateful," meaning they keep the "state" of connections inherently. The Internet Connection Firewall feature that is included in Windows XP is a "stateful" firewall, as well as, the Windows Firewall. The Windows Firewall is included with Windows XP Service Pack 2 (SP2).
Now that you know some of the different types of firewalls and their configurations, you can better determine which one will work the best for your computer.