Network Security Essentials -- Notes10. Firewall
Firewall's Goals
1. All traffic must pass through the wall
2. Only authorized traffic is allowed to pass
3. Immune to penetration

Techniques
1.Service Control -- "This IP is blocked"
2.Direction Control -- "Currently we only allow outside traffic"
3.User Control -- "You are not allowed to get in"
4.Behavior Control -- "You can't send spams to me"


Types of Firewall
1.Packet-filtering Router -- Filtering based on info in TCP/IP headers, including
a.Source IP
b.Destin IP
c.TCP Port number
d.IP Protocol Field
e.Rooter's Interface (Interface for inside traffic or for outside traffic)

2.Application-level Gateway = Proxy, inspecting application-level messages
a.Advantage: More secure than packeting-filter
b.Disadvantage: Too much additional overhead

3.Curcuit-level Gateway