- To block certain TCP/IP ports in order to restrict a specific type of traffic; and
- To restrict access to a limited set of domain names and IP addresses, using certain types of firewall.
Before configuring a firewall, one should have a basic understanding of standard security practice, in particular that a firewall is normally deployed with a default deny rule: any traffic that is not explicitly permitted is dropped. Every step of the configuration needs the administrator's attention, because a mistake can block the machine's day-to-day traffic, and an overly permissive rule exposes it.
Methods of Firewall –
There are four methods used by firewalls to control traffic: packet filtering, circuit level gateway, proxy server and application gateway. One device can also use more than one of these mechanisms in conjunction to provide stronger security.
- A Packet Filter intercepts the traffic coming into and going out of your network and evaluates each packet against a set of rules. A packet filter typically examines the source and destination IP addresses, the source and destination ports, and the protocol. You can use this method to allow or block traffic by IP address and port.
- A Circuit Level Gateway blocks incoming traffic to every host except itself; clients establish connections through the gateway using client-side software. To outsiders, all communication from your side appears to be created and governed by the circuit level gateway.
- A Proxy Server not only improves the performance of your network but also works as a kind of firewall. The proxy hides the actual client addresses and appears to originate the communication itself. It also caches the pages it retrieves: if one user requests google.com, the proxy fetches google.com and stores the page; when another user requests google.com, the proxy serves the stored copy instead of fetching it again, which reduces the response time. The proxy can also be configured to block certain IP addresses and ports.
- An Application Gateway is a kind of proxy server. The in-house client opens a connection to the application gateway, and the application gateway decides whether to open a connection to the destination or not. The traffic therefore travels in two legs: from the client to the application gateway, and from the application gateway to the destination. Because the gateway understands the application protocol, it can inspect and log all traffic, whether it forwards it or not.
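The following is an added example, not code from the original page, of the proxy server and application gateway behaviour described above: the client only ever talks to the gateway, the gateway parses the request at the application layer (HTTP here), enforces a domain allow-list, caches what it fetched, and opens the second leg to the destination only when policy permits. The origin content, host names and the `fake_fetch` function are constructed for the example; a real gateway would open a socket to the destination where `fake_fetch` is called.

```python
"""Toy HTTP application gateway with caching (added example, not the page's code).

The client connects only to the gateway ("leg 1"). The gateway parses the
request, applies a domain allow-list, and only then fetches from the
destination ("leg 2"). Origin responses are constructed in memory, so this
runs offline.
"""
from typing import Callable, Dict, List, Tuple

# Constructed origin content standing in for the destination servers.
FAKE_ORIGINS: Dict[Tuple[str, str], bytes] = {
    ("www.example.com", "/"): b"<html>example front page</html>",
    ("www.example.com", "/docs"): b"<html>docs</html>",
}


def fake_fetch(host: str, path: str) -> bytes:
    """Simulated leg 2 (assumption: a real gateway would open a TCP socket here)."""
    return FAKE_ORIGINS.get((host, path), b"<html>404 from origin</html>")


class ApplicationGateway:
    def __init__(self, allowed_hosts, fetch: Callable[[str, str], bytes] = fake_fetch):
        self.allowed = {h.lower() for h in allowed_hosts}
        self.fetch = fetch
        self.cache: Dict[Tuple[str, str], bytes] = {}
        self.log: List[tuple] = []  # every decision is recorded, forwarded or not

    def handle(self, raw: bytes) -> Tuple[int, bytes]:
        """Leg 1: a raw HTTP request from an inside client. Returns (status, body)."""
        head = raw.split(b"\r\n\r\n", 1)[0]
        try:
            lines = head.decode("ascii").split("\r\n")
        except UnicodeDecodeError:
            return self._deny(400, "non-ASCII request head")
        parts = lines[0].split(" ")
        if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
            return self._deny(400, "malformed request line")
        method, target, _version = parts
        if method not in ("GET", "HEAD"):
            return self._deny(405, f"method {method} not allowed through gateway")
        headers: Dict[str, str] = {}
        for line in lines[1:]:
            name, sep, value = line.partition(":")
            if sep:
                headers[name.strip().lower()] = value.strip()
        host = headers.get("host", "").split(":")[0].lower()
        if not host:
            return self._deny(400, "missing Host header")
        if host not in self.allowed:
            return self._deny(403, f"{host} not in allow-list")
        key = (host, target)
        if key in self.cache:  # serve the stored copy instead of fetching again
            self.log.append(("HIT", host, target))
            return 200, self.cache[key]
        body = self.fetch(host, target)  # leg 2, opened only after policy passes
        self.cache[key] = body
        self.log.append(("FORWARD", host, target))
        return 200, body

    def _deny(self, status: int, reason: str) -> Tuple[int, bytes]:
        self.log.append(("DENY", status, reason))
        return status, reason.encode()


def build_request(host: str, path: str) -> bytes:
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()


def demo():
    """Run a few constructed requests through the gateway; returns (statuses, log)."""
    gw = ApplicationGateway(["www.example.com"])
    statuses = {
        "allowed": gw.handle(build_request("www.example.com", "/"))[0],
        "cached": gw.handle(build_request("www.example.com", "/"))[0],   # same page again
        "blocked": gw.handle(build_request("evil.example.net", "/"))[0],  # not on allow-list
        "post": gw.handle(b"POST / HTTP/1.1\r\nHost: www.example.com\r\n\r\n")[0],
        "garbage": gw.handle(b"\xff\xfe not http")[0],
    }
    return statuses, gw.log


if __name__ == "__main__":
    print(demo())
```

Note that every request appears in `gw.log`, including the ones that were never forwarded; that is the "monitors all traffic whether it forwards it or not" property, and it is only possible because the gateway terminates the client connection and understands the protocol rather than looking at raw packets.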
Each method has disadvantages. The application gateway is generally regarded as the most effective of the four, but it uses more resources, such as memory and processor time, and can be slower. Packet filtering is comparatively fast, but a simple packet filter can be fooled by spoofing: an attacker forges the source address or source port so that the packet appears to be traffic the rules allow through. The security of packet filtering is improved by stateful inspection (stateful packet filtering), in which the firewall tracks the connections the inside hosts have opened and only admits inbound packets that belong to one of them.
A built-in firewall (a simple packet filter) is present in many home routers. If you are not running any server, you can block incoming traffic on all ports. If you publish a web page from your personal computer, you must allow incoming traffic on port 80 to reach your computer. If you want to download files from your computer from outside using FTP, you must allow incoming connections on port 21 (the FTP control channel; FTP also opens a separate data connection, so check whether your FTP server runs in active or passive mode and open the corresponding ports).
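The following is an added example, not code from the original page, illustrating the two points made above: a default deny packet filter that opens only port 80 for a published web page, and the difference between a stateless filter and a stateful one when an attacker spoofs the source port. All packets, addresses (from the RFC 5737 documentation ranges) and the filter classes are constructed for the example; no real sockets or firewall rules are touched.

```python
"""Toy packet filter: stateless rules vs stateful connection tracking.

Added example, not from the original page. Packets are constructed objects,
not real traffic. Every filter defaults to DROP when no rule matches.
"""
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

HOME_IP = "192.0.2.10"  # constructed address of the home machine


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False  # TCP SYN flag: a new connection attempt
    ack: bool = False  # TCP ACK flag: claims to be part of an existing exchange


@dataclass(frozen=True)
class Rule:
    action: str  # "ACCEPT" or "DROP"
    dst_port: Optional[int] = None
    src_port: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        if self.dst_port is not None and pkt.dst_port != self.dst_port:
            return False
        if self.src_port is not None and pkt.src_port != self.src_port:
            return False
        return True


class StatelessFilter:
    """First matching rule wins; if nothing matches, the default deny applies."""

    def __init__(self, rules: List[Rule]):
        self.rules = rules

    def inbound(self, pkt: Packet) -> str:
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return "DROP"


class StatefulFilter(StatelessFilter):
    """Remembers connections the inside host opened (stateful inspection).

    Inbound packets for a known connection are accepted; inbound packets that
    claim to be mid-conversation (ACK without SYN) but match no known
    connection are dropped; fresh connection attempts fall back to the rules.
    """

    def __init__(self, rules: List[Rule]):
        super().__init__(rules)
        # (local_ip, local_port, remote_ip, remote_port)
        self.connections: Set[Tuple[str, int, str, int]] = set()

    def outbound(self, pkt: Packet) -> str:
        if pkt.syn and not pkt.ack:
            self.connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
        return "ACCEPT"

    def inbound(self, pkt: Packet) -> str:
        key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if key in self.connections:
            return "ACCEPT"  # reply to a connection we initiated
        if pkt.ack and not pkt.syn:
            return "DROP"  # spoofed "reply" to a conversation we never started
        return super().inbound(pkt)


def demo():
    """Run the same constructed packets through both filters; returns verdicts."""
    samples = {
        # legitimate reply from a web server we contacted from local port 51000
        "web_reply": Packet("198.51.100.5", 80, HOME_IP, 51000, ack=True),
        # attacker forges source port 80 to look like a web reply
        "spoofed": Packet("203.0.113.9", 80, HOME_IP, 31337, ack=True),
        # a visitor to the web page we publish on port 80
        "client": Packet("203.0.113.9", 40000, HOME_IP, 80, syn=True),
        # unsolicited probe of port 22, which we never opened
        "ssh_probe": Packet("203.0.113.9", 40001, HOME_IP, 22, syn=True),
    }
    # Stateless: to let web replies back in, it must trust source port 80.
    stateless = StatelessFilter([Rule("ACCEPT", dst_port=80), Rule("ACCEPT", src_port=80)])
    # Stateful: only the published service is opened; replies are admitted by state.
    stateful = StatefulFilter([Rule("ACCEPT", dst_port=80)])
    stateful.outbound(Packet(HOME_IP, 51000, "198.51.100.5", 80, syn=True))
    return {
        "stateless": {name: stateless.inbound(p) for name, p in samples.items()},
        "stateful": {name: stateful.inbound(p) for name, p in samples.items()},
    }


if __name__ == "__main__":
    print(demo())
```

The stateless filter cannot tell the forged packet from a genuine web reply, because both carry source port 80; the stateful filter drops it because no outbound connection to that address and port was ever recorded, while still admitting the real reply and the visitor to port 80.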