What are the three main types of firewalls?

There are three main types of firewalls: packet filtering firewalls, proxy server firewalls, and status monitor firewalls. Packet filtering firewalls are relatively low-priced, transparent to users, have little impact on network performance, are fast, and are easy to maintain; proxy server firewalls can enhance network security; status monitor firewalls can easily expand applications and services.

Firewalls can be roughly divided into three categories: packet filtering firewalls, proxy server firewalls, and status monitor firewalls.

1. Packet filtering firewall

Working principle of packet filtering firewall: Firewall products using this technology process data at appropriate locations in the network Packets are filtered by checking the source address, destination address, all TCP port numbers and TCP link status of each data packet in the data flow, and then based on a set of predefined rules to allow logical data packets to pass The firewall enters the internal network and deletes illogical packets.

The biggest advantages of packet filtering firewalls are: relatively low price, transparent to users, little impact on network performance, fast, and easy to maintain.

But it also has some shortcomings: packet filtering is more complicated to configure, it is more sensitive to IP spoofing attacks, and it has no user usage records, so hacker attack records cannot be discovered from access records. It is relatively easy for hackers to attack a simple packet filtering firewall.

2. Proxy server firewall

The working principle of proxy server firewall: The proxy server runs between two networks. It looks like a real computer to the customer. The same as the server, and to the external server, it is a client. When the proxy server receives the user's request, it will check whether the site requested by the user meets the company's requirements. If the company allows the user to access the site, the proxy server will act like a client and go to that site to retrieve the required information and then forward it to client.

Advantages of proxy server firewall: It can shield the internal structure of the protected network and enhance the security of the network; it can be used to implement strong data flow monitoring, filtering, recording and reporting, etc. .

Its shortcomings: slow down the access speed because it does not allow users to directly access the network; the application-level gateway needs to install corresponding proxy server software for each specific Internet service, which will cause compatibility issues .

3. Status monitor firewall

The working principle of the status monitor firewall: This firewall has better security features. It uses a network security function on the gateway. The software engine of the policy is called the detection module. Without affecting the normal operation of the network, the detection module uses the method of extracting relevant data to detect the layers of network communication, extracts part of the data, that is, status information, and dynamically saves it as a reference for future designated security decisions.

State monitor firewall advantages:The detection module supports multiple protocols and applications, and can easily expand applications and services; it will detect ports such as RPC and UDP Information, while packet filtering and proxy gateways do not support such ports; the protection against attacks is stronger.

Its disadvantages: the configuration is very complex and will reduce the speed of the network.

For more related knowledge, please visit PHP Chinese website! !

The above is the detailed content of What are the three main types of firewalls?. For more information, please follow other related articles on the PHP Chinese website!