Distinguish among packet filtering firewalls stateful inspec

Distinguish among packet filtering firewalls, stateful inspection firewalls, and proxy firewalls. A thorough answer will require at least a paragraph for each type of firewall.

Acme Corporation wants to be sure employees surfing the web aren\'t victimized through drive-by downloads. Which type of firewall should Acme use? Explain why your answer is correct.

Solution

Packet Filtering Firewall-

This is one of the basic firewalls. It is one of the earliest types of firewalls. This firewall screens anything that comes into the internal network. It also checks anything that goes into the external network. This firewall is also called screening router. It filters maleficient packets by checking the packets that enter the network and allows only those allowed by the firewall policy to enter the network. It checks the packet header and determines if they should be allowed into the internal network. If it remembers the packet header information, the firewall is called stateful packet firewall. Otherwise it is called stateless/static packet firewall. This firewall is usually used to reduce load on a stateful inspection firewall.

Stateful Inspection firewall-

Stateful inspection firewall is an improvement on static packet filtering firewall. It is alsocalled dynamic packet filtering. While packet filtering checks the packet header, this firewall checks the packet to the application layer. It records IP addresses and port number information. It provides tighter security than packet filtering firewall. It monitors both incoming and outgoing packets. It maintains a state table that monitors all open connections in a firewall. This is not done in packet filtering firewall. This firewall is usually built behind a packet filtering firewall.

Proxy firewall-

This firewall monitors incoming network traffic using deep packet and stateful inspection. This firewall prevents systems from having direct contact with the network. Due to the addtional connections that have to be created for every outgoing and incoming packet, the performance is slower when compared to the other firewalls. But this firewall is also considered to be more secure than packet filtering firewalls.

In order to prevent drive-by download, the best firewall is stateful inspection firewall. This firewall inspect packets to the application layer. Any outgoing packet that requests incoming packets is tracked over a period of time. Only those incoming packets that satisfy specific conditions set by the system administrator are allowed to enter the internal network. This will prove useful in preventing drive-by downloads.