Comparison Between Different Firewall and Their Abilities.

984 Words4 Pages
Packet filtering is the earliest technology developed to protect the network from dangers in the Internet. It works at network transport layer. A data is split in to several packets and then reassembled back once it has reached its destination. Administrators creates a set of rules which will then be configured to the router, router will then act as a security guard, will either deny or allow packets from passing through. However packet filtering has only limited function, it can only analyze header information in IP packets. For an instance it can all allow or deny specific functions of FTP such as the use of “GET” and “PUT” command (Ogletree, 2000). Packet filtering susceptible to IP Spoofing (Webopedia, 2011). IP Spoofing is used by…show more content…
Disadvantage of proxy server, low performance due to processing at application level and not so effective, due to protocol specific services. Application gateway works on the application level and it is also connected proxy server; it is more complex version of a firewall, intercepting traffic for a specific application is what it does mainly (Ogletree, 2000). When a connection is established, it is then brought to application gateway first or proxy which then will proceed to destination. Compared to other firewall technologies it is very secure but also consumes large memory and a good processor (Webopedia, 2011). Advantage of Application level gateway provides direct connection between external and internal hosts are disallowed, besides that it also allows user-level authentication and finally application commands are analyzed inside the data packets. (Careerride, 2008-2010). Disadvantage of application gateway- detailed concentration is required to each individual application that uses the gateway and has a very complicated and complex setup. Circuit Level Filtering is one step ahead than packet filtering, and it works at Transport Layer. Major duty would be to check whether the connection between both sides is valid and only then will decide to allow the packet to be transmitted (, 1998-2011). Once that is done it allows the traffic for a limited time from the valid source. To determine the validity of connection, it is based on certain
Get Access