APPLICATION PROXY
Both packet filtering firewalls and stateful inspection firewalls allow direct connections between hosts on the inside and outside of a firewall. An application proxy firewall operates differently: it does not allow direct connections between the inside (private) and the outside (public) networks. Instead, the firewall forces all connections to pass through an application called a proxy. The proxy interprets each incoming or outgoing connection, checks it against its rule base to see whether it is allowed, and then creates another connection between the firewall and the destination host. In essence, the proxy acts as a middleman between the two hosts.
FIREWALL MANAGEMENT
Firewalls don’t run themselves. A firewall, like any other network device, has to be managed by someone. Firewall Administrators are the gatekeepers; their role is managing site security. A Firewall Administrator must have a sound understanding of network concepts and implementation. As most firewalls are TCP/IP based, a thorough understanding of this protocol is compulsory. A Firewall Administrator must also have good hands-on experience with networking concepts, design and implementation, so that the firewall is configured correctly and administered properly.
WHAT KIND OF FIREWALLS ARE THERE
Functionally, there are three major types of commercial firewalls available: packet filtering firewalls, stateful inspection firewalls and application proxy firewalls.
Information security is a complex and subtle process, and hence requires attention and immediate response in real time. A SOC can provide a simple methodology for addressing most of these complex intrusion issues, so that one can make a quick decision on when and where to act when a security violation occurs. egning Solutions consultants are well abreast of the latest SOC technologies and have successfully deployed a number of SOCs in Australia and the Middle East for telecoms, ISPs and banks. egning Solutions has a leading technology partner in Security Information Management (SIM) and can tailor a turnkey solution to integrate your networks and systems for monitoring.
PACKET FILTERING
Packet filtering is a very basic form of firewall that just inspects TCP/IP packets. A filter operates on individual IP packets and has no knowledge of the payload being carried. Packet filters typically make their pass/deny decisions based on the source and destination IP addresses in the packet header, as well as the source and destination TCP/IP ports. The filter looks only at data at this network layer and ignores the other layers of the OSI model. This means that a packet filter does not understand or process any of the details of a layer 4 protocol such as TCP, or a layer 7 protocol such as telnet, HTTP or SMTP.
STATEFUL INSPECTION
The downfall of packet filtering is that a packet filter knows nothing about the connection or protocol that it is managing. Stateful inspection firewalls address this shortcoming by adding logic that looks at the flow of traffic not just on a per-packet basis but also at the protocol connection level, typically at the TCP or application level. A stateful firewall is still rule based, just like a packet filter, but it interprets these rules in light of this additional inspection at layer 3 and layer 4 of the OSI model. It maintains a history of MAC addresses and IP addresses and decides whether to pass or deny based on policy and the current rule set.
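The difference between the two decision models above can be seen by running the same packets through both. The following Python sketch is an added example, not code from this page or from any firewall product; the addresses, the single HTTPS rule and the names packet_filter and StatefulFirewall are assumptions made for illustration, and the state table is simplified (no timeouts, no FIN handling).

```python
from collections import namedtuple

# Constructed header fields; a real firewall parses these from the wire.
Packet = namedtuple("Packet", "src dst sport dport flags direction")

INSIDE = "10.0.0.5"        # constructed internal host
SERVER = "203.0.113.10"    # constructed external server (documentation range)
STRANGER = "198.51.100.7"  # constructed host the inside never contacted

def packet_filter(pkt):
    """Stateless: each packet is judged on its own addresses and ports."""
    if pkt.direction == "out" and pkt.dport == 443:
        return "PASS"
    # Replies have to get back in, and without connection knowledge the
    # rule can only match on the source port of the inbound packet.
    if pkt.direction == "in" and pkt.sport == 443:
        return "PASS"
    return "DENY"

class StatefulFirewall:
    """Same policy, but inbound packets must belong to a tracked connection."""
    def __init__(self):
        self.connections = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def inspect(self, pkt):
        if pkt.direction == "out":
            if pkt.dport != 443:
                return "DENY"
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if "SYN" in pkt.flags:
                self.connections.add(key)  # new connection opened from inside
            return "PASS" if key in self.connections else "DENY"
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.connections:
            return "DENY"  # nothing inside asked for this packet
        if "RST" in pkt.flags:
            self.connections.discard(key)  # connection torn down
        return "PASS"

def demo():
    fw = StatefulFirewall()
    packets = [
        ("outbound SYN", Packet(INSIDE, SERVER, 50000, 443, {"SYN"}, "out")),
        ("server reply", Packet(SERVER, INSIDE, 443, 50000, {"SYN", "ACK"}, "in")),
        ("unsolicited", Packet(STRANGER, INSIDE, 443, 50000, {"ACK"}, "in")),
    ]
    return [(name, packet_filter(p), fw.inspect(p)) for name, p in packets]

if __name__ == "__main__":
    for row in demo():
        print("%-14s packet filter: %s  stateful: %s" % row)
```

The third packet is the one to watch: the packet filter passes it because its source port matches the reply rule, while the stateful firewall denies it because no inside host opened that connection.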