Firewalls a) What governs the type of traffic that is and is not allowed through
Question
Firewalls
a) What governs the type of traffic that is and is not allowed through a firewall? Explain.
A) TCP/IP headers.
B) Gateway.
C) Rule base.
D) Access control list.
E) Network protocol in use.
b) Firewalls can be implemented in different ways. Consider a dedicated firewall device. What is its major advantage when the target is throughput and security? Explain.
A) The management console is easily installed.
B) The device contains proprietary operating systems.
C) The connection to the device is monitored by security personnel.
D) A thorough packet inspection capability.
E) The hackers know most router-based firewall code.
Explanation / Answer
a) What governs the type of traffic that is and is not allowed through a firewall? Explain.
Ans) Access Control Lists (D)
Explanation on ACL:
An ACL filters network traffic by controlling whether routed packets are forwarded or blocked at the router's interface. It thoroughly examines each packet to determine whether the packet has to be forwarded or dropped on the basis of the rules specified in the access lists. ACL rules can be based on the source address, destination address, upper-layer protocol, etc. ACLs are used to provide basic security for accessing the network. If these rules are not configured, all packets will pass through the router and be allowed across all parts of the network.
Some examples can be permitting only telnet or ftp traffic but blocking e-mail traffic. These are used in firewall routers which are placed between the internal and external network of the internet. To provide security benefits to users, access lists should, at a minimum, be configured on border routers (routers situated at various places of the network). This also provides some buffer from the outside network, or from a less controlled area of the network, into a more sensitive area of the network.
With ACLs we can filter inbound traffic, outbound traffic, or both on an interface. Access lists can also be defined on a per-protocol basis, so we can define access lists for every protocol enabled on the interface if we want to control traffic flow.
b) Firewalls can be implemented in different ways. Consider a dedicated firewall device. What is its major advantage when the target is throughput and security? Explain.
Ans) A thorough packet inspection capability (D)
Dedicated Firewall Explanation:
Firewalls statefully inspect reply packets to determine whether they match the expected state of a connection in the state table. Dedicated hardware firewalls are better because they are more powerful and can process more traffic. Also they support thorough packet inspection and can have features like attack detection.
Dedicated hardware generally gives you better functionality for the Firewall and includes services like:
Attack detection through IDS/IPS
Robust application-level gateways
Facility to integrate with authentication systems
Ability to proxy particular application traffic
VPNs, IPSec and SSL
Also, dedicated firewall boxes do more than packet filtering. A good firewall generally has DoS protection and more advanced packet inspection.
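The ACL behaviour described in part (a), shown as an added example that is not part of the original answer: a first-match evaluator over source address, destination address and upper-layer protocol, using the answer's telnet/ftp/e-mail case. The `Rule` and `evaluate` names, the addresses and the implicit deny at the end of a configured list are assumptions made for this sketch.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp" or "ip" (any protocol)
    src: str                      # source network in CIDR form
    dst: str                      # destination network in CIDR form
    dport: Optional[int] = None   # destination port; None matches any port

    def matches(self, proto, src, dst, dport):
        return (self.proto in ("ip", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.dport in (None, dport))


def evaluate(acl, proto, src, dst, dport):
    """Return 'permit' or 'deny' for one packet.

    acl=None models an interface with no access list applied: everything
    passes. Otherwise rules are checked top-down, the first match decides,
    and a packet matching no rule is dropped (implicit deny, assumed here).
    """
    if acl is None:
        return "permit"
    for rule in acl:
        if rule.matches(proto, src, dst, dport):
            return rule.action
    return "deny"


# Constructed rule set: allow telnet (23) and FTP control (21) into the
# internal network 192.0.2.0/24 and block e-mail (SMTP, 25) explicitly.
BORDER_ACL = [
    Rule("deny",   "tcp", "0.0.0.0/0", "192.0.2.0/24", 25),
    Rule("permit", "tcp", "0.0.0.0/0", "192.0.2.0/24", 23),
    Rule("permit", "tcp", "0.0.0.0/0", "192.0.2.0/24", 21),
]

if __name__ == "__main__":
    for port in (21, 23, 25, 80):
        print(port, evaluate(BORDER_ACL, "tcp", "203.0.113.7", "192.0.2.10", port))
```

Because the first match decides, a broad permit placed above the SMTP deny would let e-mail through, so rule order is worth reviewing whenever a list is edited.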