The main four main types of firewall techniques are packet filtering firewalls, circuit level
gateways, application gateways and proxy server. In this paper packet filtering firewalls
and proxy server firewall techniques are only highlighted. In *ƒ²*ƒ”€š?Packet filtering,
where the core is on a multi-homed machine, which decides to forward or block a packet.
This is based on a set of rules. The second type is *ƒ²*ƒ”€š?proxy server that relies on a
program to provide authentication and forwards packets on a multi-homed machine. (Gary
& Alex, 2007)
A Packet filter works at the network layer of the OSI model. The practice of examining
and blocking traffic is called packet filtering. Daemons such as Squid also allow you to
examine and block traffic. However Squid is not a packet filter, it is a proxy server that is
designed to operate at the application layer of the OSI model.
A packet filtering router has an addition included that of the router. IT checks each packet
and compares it with the set of rules set to it, and decides to forward or block it. Every
packet goes through these set of rules and if the match is found, action is obeyed. Actions
include dropping packet or informing sender with packet status. The packets are checked
in packet orders and on first match first serve basis. The packet order depends on the
source IP address of the packets, destination IP address, the destination port numbers or
even packet types. Some examples of packet types are UDP, TCP, ICMP…etc.
An application gateway is an application program which is programmed on a firewall that
runs between networks. Then one system (the client) sends message to other (destination
computer), the packet is first connected to a proxy. Then the client program agrees with the
proxy server in order to communicate with the destination computer. Then behind the
firewall, the proxy server establishes a trust connection between client and destination
computer. (Webopedia n.d.)
The primary difference between a packet filtering router and a proxy server is that a packet
filtering router does not check network packets as intensely as a proxy server does. And
packet filtering firewalls are generally faster than other technologies, because they perform
fewer evaluations and can be easily implemented as hardware solutions. And packet filters
dont need a server or client computer specifically configured, it does all the work.
(Evolution of the firewall industry, 2002)
But packet filters do not understand application layer protocols and they dont keep any log
of the sessions. Packet filters have very limited capabilities to do anything to a packet.
Proxy server requires more system resources in order to process network packets. Proxy
server can sometimes be slow when taking in requests, especially if the machine is not
powerful enough. This is a why packet filters and proxy servers are both necessary in a
network. The packet filter blocks plus filters majority of traffic and proxy server inspects