Chapter 9
Firewalls
This chapter gives some background information on firewalls and introduces the
Contivity 251 firewall.
9.1 Firewall Overview
Originally, the term firewall referred to a construction technique designed to
prevent the spread of fire from one room to another. In networking, a
"firewall" is a system or group of systems that enforces an access-control policy
between two networks. It may also be defined as a mechanism used to protect a
trusted network from an untrusted network. Of course, firewalls cannot solve every
security problem. A firewall is one of the mechanisms used to establish a network
security perimeter in support of a network security policy. It should never be the
only mechanism or method employed. For a firewall to guard effectively, you must
design and deploy it appropriately. This requires integrating the firewall into a
broad information-security policy. In addition, specific policies must be
implemented within the firewall itself.
9.2 Types of Firewalls
There are three main types of firewalls:
1. Packet Filtering Firewalls
2. Application-level Firewalls
3. Stateful Inspection Firewalls
9.2.1 Packet Filtering Firewalls
Packet filtering firewalls restrict access based on the source and destination
network addresses of a packet and the type of application.
Contivity 251 VPN Switch User's Guide