A firewall is a set of components used to restrict access to data and information on a network. It may consist of hardware and software. Firewalls are used to restrict unauthorized users from accessing the resources of an organization.
Firewalls restrict data flows between the Internet and protected systems. This can be done by defining the traffic, such as users or addresses, that is allowed and disallowing all other communication. Another way is to define what is prohibited and allow all other transmissions. The primary purpose of a firewall is to intercept each packet addressed to the network and to decide whether to pass it on to the destination host. Packets originating from unknown or unauthorized IP addresses are carefully scrutinized. These packets are blocked if there are sufficient red flags. Firewall software can be implemented in routers, dedicated hosts, or in other network technologies including LAN hubs/switches and network adapter cards. The major kinds of firewalls include packet filtering and proxy firewalls.
In packet filtering, a limit is placed on the packets that can enter the network. It can also limit information moving from one segment to another. ACLs are used to enable the firewall to accept or deny data packets. The disadvantages of packet filtering are as follows:
Packets can still enter the network by fragmenting the data packets.
It is difficult to implement complex ACLs.
Not all network services can be filtered.
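The two rule-writing approaches described above (allow what is listed and block the rest, or block what is listed and allow the rest) behave differently on traffic nobody wrote a rule for. The sketch below is an added example, not code from the original page: the Rule and Packet types, the evaluate function, the rule sets and the sample packets are all constructed for illustration, using documentation address ranges.

```python
# Added example (not from the original page): a first-match packet filter.
import ipaddress
from collections import namedtuple

# A rule matches on source network, protocol and destination port (None = any).
Rule = namedtuple("Rule", "action src proto dport")
Packet = namedtuple("Packet", "src proto dport")

def evaluate(acl, default, pkt):
    """Return the action of the first matching rule, else the default policy."""
    addr = ipaddress.ip_address(pkt.src)
    for rule in acl:
        if addr not in ipaddress.ip_network(rule.src):
            continue
        if rule.proto is not None and rule.proto != pkt.proto:
            continue
        if rule.dport is not None and rule.dport != pkt.dport:
            continue
        return rule.action
    return default

# Approach 1: define what is allowed, disallow everything else.
ALLOW_LIST = [
    Rule("permit", "0.0.0.0/0", "tcp", 443),       # public HTTPS
    Rule("permit", "198.51.100.0/24", "tcp", 22),  # SSH from an admin range
]
# Approach 2: define what is prohibited, allow everything else.
DENY_LIST = [
    Rule("deny", "203.0.113.0/24", None, None),    # a range chosen to be blocked
    Rule("deny", "0.0.0.0/0", "tcp", 23),          # telnet from anywhere
]

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    Packet("192.0.2.10", "tcp", 443),
    Packet("198.51.100.7", "tcp", 22),
    Packet("192.0.2.10", "tcp", 22),
    Packet("203.0.113.5", "tcp", 443),
    Packet("192.0.2.10", "udp", 161),  # a service nobody wrote a rule for
]

def compare(packets):
    """Evaluate each packet under both approaches."""
    return [(p, evaluate(ALLOW_LIST, "deny", p), evaluate(DENY_LIST, "permit", p))
            for p in packets]

if __name__ == "__main__":
    for pkt, allow_mode, deny_mode in compare(SAMPLE):
        print(f"{pkt.src:<14} {pkt.proto}/{pkt.dport:<4} allow-list={allow_mode:<7} deny-list={deny_mode}")
```

The last sample packet shows the practical difference: the allow-list policy drops the unlisted service by default, while the deny-list policy passes it until someone adds a rule.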
A proxy server is used by clients to communicate with secure systems using a proxy. The client gets access to the network via the proxy server. This step is used to authenticate the user, establish the session, and set policies. The client must connect to the proxy server to connect to resources outside the network. The disadvantages of the proxy server are:
The proxy server can run very slowly.
Adding services can be difficult.
There can be a potential problem with network failure if the proxy server fails or is corrupted.