Foundation Topics
Firewall Technologies
To understand the different firewall technologies, you first need a good understanding
of the Open System Interconnection (OSI) reference model. The seven-layer OSI
reference model is the standard conceptual model for describing network communication,
and each firewall technology is defined by which of its layers the firewall examines.
The lower four layers (physical, data link, network, and transport) deal with moving data
across the network, whereas the upper three layers (session, presentation, and application)
deal with application functions.
Firewalls are one of the primary components required to enforce network perimeter security.
The function of a firewall is to permit or deny traffic that attempts to pass through it, based
on specific predefined rules. All firewalls examine network traffic and forward or drop it
according to the rule set; they differ in how much of each packet, and of the conversation
it belongs to, they examine before deciding. The following are the three different types
of firewall technologies, each of which is discussed in more detail in the following sections:
■ Packet filtering
■ Proxy
■ Stateful packet inspection
Packet Filtering
Packet-filtering firewalls are the oldest and most widely deployed firewall technology. A
packet-filtering firewall inspects each packet that passes through it, in either direction, using
only the fields found at the network and transport layers of the OSI reference model, that is,
the IP header and the TCP or UDP header. It compares those fields against an ordered set
of rules called an access control list (ACL) and permits or denies the packet according to the
first rule that matches. Because each packet is judged in isolation, a packet filter keeps no
record of the packets that came before it, which is its main limitation.
Packet filtering inspects the packet for only the following elements:
■ Source IP address
■ Source port
■ Destination IP address
■ Destination port
■ Protocol (listed by name or IP protocol number)
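The following is an added example, not code from the original text or from any vendor product, showing how a packet filter evaluates the five fields above against an ordered ACL with first-match semantics and an implicit deny at the end. The rule format, the address ranges (documentation prefixes 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24) and the sample packets are all constructed for illustration. The second half of the example shows the consequence of inspecting each packet in isolation: a DNS reply to an outbound query is dropped unless a separate rule admits it, and that rule has to be written broadly enough to let in any packet sourced from port 53 to a high port.

```python
"""Stateless packet filter: evaluate a 5-tuple against an ordered ACL.

First matching rule wins; an implicit deny sits at the end of the list.
Rule format, addresses and packets are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Protocol names mapped to IP protocol numbers, as an ACL may use either.
IP_PROTO = {"icmp": 1, "tcp": 6, "udp": 17}


@dataclass(frozen=True)
class Packet:
    """The only fields a packet filter looks at: addresses, ports, protocol."""
    src: str
    dst: str
    proto: int          # IP protocol number
    sport: int = 0      # 0 for protocols without ports (for example ICMP)
    dport: int = 0


@dataclass(frozen=True)
class Rule:
    action: str                                 # "permit" or "deny"
    proto: Optional[int] = None                 # None matches any protocol
    src: str = "0.0.0.0/0"                      # CIDR prefix; /0 means any
    dst: str = "0.0.0.0/0"
    sport: Optional[Tuple[int, int]] = None     # inclusive range; None = any
    dport: Optional[Tuple[int, int]] = None

    def matches(self, pkt: Packet) -> bool:
        if self.proto is not None and pkt.proto != self.proto:
            return False
        if ip_address(pkt.src) not in ip_network(self.src):
            return False
        if ip_address(pkt.dst) not in ip_network(self.dst):
            return False
        if self.sport is not None and not (self.sport[0] <= pkt.sport <= self.sport[1]):
            return False
        if self.dport is not None and not (self.dport[0] <= pkt.dport <= self.dport[1]):
            return False
        return True


def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching rule).

    (\"deny\", None) means no rule matched and the implicit deny applied.
    """
    for idx, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, idx
    return "deny", None


# Constructed ACL protecting an inside network 192.0.2.0/24 with a web
# server at 192.0.2.10: allow web traffic in, allow DNS queries out.
SAMPLE_ACL = [
    Rule("permit", IP_PROTO["tcp"], dst="192.0.2.10/32", dport=(80, 80)),
    Rule("permit", IP_PROTO["tcp"], dst="192.0.2.10/32", dport=(443, 443)),
    Rule("permit", IP_PROTO["udp"], src="192.0.2.0/24", dport=(53, 53)),
]

# Because the filter keeps no state, DNS replies need their own rule. It has
# to admit any packet from source port 53 to any high port on the inside.
RETURN_RULE = Rule("permit", IP_PROTO["udp"], dst="192.0.2.0/24",
                   sport=(53, 53), dport=(1024, 65535))

if __name__ == "__main__":
    query = Packet("192.0.2.7", "198.51.100.53", IP_PROTO["udp"], 51234, 53)
    reply = Packet("198.51.100.53", "192.0.2.7", IP_PROTO["udp"], 53, 51234)
    probe = Packet("198.51.100.9", "192.0.2.7", IP_PROTO["udp"], 53, 8080)
    print("query out:", evaluate(SAMPLE_ACL, query))
    print("reply in, no return rule:", evaluate(SAMPLE_ACL, reply))
    print("reply in, with return rule:", evaluate(SAMPLE_ACL + [RETURN_RULE], reply))
    print("unsolicited probe from port 53:", evaluate(SAMPLE_ACL + [RETURN_RULE], probe))
```

The last line of the demonstration is the practical caveat: once `RETURN_RULE` is in place, any host on the Internet can reach any port above 1023 on the inside simply by sourcing its packets from UDP port 53, because a packet filter cannot tell a genuine reply from an unsolicited packet that merely looks like one.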