A firewall is one of the most important elements of overall network security: it sits at a choke point between networks, so every inbound and outbound packet can be inspected and security policy enforced on it. Note that only proxy-based (circuit- and application-level) firewalls can authenticate individual users; a packet filter sees only addresses, protocols and ports. This module has discussed the types of firewalls, as well as the protocols, gateways, and
devices used to increase security at the network level.
You have learned what a firewall is, how it enhances security, and how it enables you to implement strategies at various choke
points. You also learned about the advanced features that certain firewall products can provide.
Now that you have completed this module, you should be able to:
Define and describe firewalls
Describe the role a firewall plays in a company's security policy
Define common firewall terms
Describe packet filter use as a first line of defense
Describe and configure proxy servers
Describe circuit-level gateways and their features
Describe application-level gateways and their features
Build a firewall using a bastion host
Assess common firewall designs
Key terms and concepts
Application-level gateway: A gateway that operates at the application layer of the TCP/IP suite: it understands the protocol it relays (for example HTTP or SMTP) and can therefore inspect and filter content, although it must process all four layers to do so. Application gateways are typically
implemented as software installed on a specialized, hardened server, and are often called proxy servers.
Bastion host: A strongly secured device that has a direct network connection to a public network such as the
Internet. It can operate as any of the three types of firewalls (packet filter, circuit-level gateway or application-level gateway).
Circuit-level gateway: Like a packet filter, a circuit-level gateway does not inspect application data; unlike a packet filter, it relays TCP sessions at the transport layer, validating the TCP handshake before passing traffic. Its main advantage over a packet filter is that, because it terminates each
connection and opens a new one on the far side, it can provide network address translation and hide internal addresses.
Common Gateway Interface (CGI): A protocol that allows a Web server to pass control to a software application,
based on a user request. The program receives and organizes the request data, then returns its output to the user in
a consistent format. A CGI script resides on the Web server, enabling the CGI process.
Demilitarized zone (DMZ): A network that sits between a company's internal network and the external network.
A DMZ is used as an additional buffer to further separate the public network from your internal private network; publicly reachable services (such as a bastion host) are placed there rather than on the internal network.
Dual-homed bastion host: Identical in function to a bastion host, but with two network interfaces, one on each network; traffic can pass between the two networks only through the gateway software on the host, not by direct IP forwarding between the interfaces. Application gateways are typically installed on a dual-homed bastion host.
Firewall: A security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, in software, or in a combination of the two.
Firewall token: A string of information that identifies a specific user as packets pass through the firewall. A token is usually encrypted.
Gateway: A system that provides relay services between two devices. Gateways range from an Internet application interface such as the common gateway interface (CGI) to a firewall gateway that processes traffic between two hosts. The term is very generic; in this module it refers to a firewall component that routes or processes data between two separate networks.
Internal bastion host: A bastion host that resides inside the internal network; it is normally used as an application gateway that receives all incoming traffic from external hosts.
Screened host firewall: A firewall design that combines a packet-filtering (screening) router with a bastion host on the internal network. The router permits traffic from the Internet only to the bastion host, which supports the circuit- and application-level gateways, and blocks direct access to every other internal host. There is no separate DMZ, so a compromised bastion host sits on the same network as the hosts it protects.
Screened subnet firewall: A firewall design that places the bastion host, supporting both circuit- and application-level gateways, on its own subnet between two screening routers. That subnet forms a demilitarized zone (DMZ) that functions as an isolated network between the Internet and the internal network, so traffic from a compromised bastion host is still filtered before it reaches internal hosts.
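To make the "packet filter as a first line of defense" objective and the difference between the screened host and screened subnet designs concrete, the following is an added example (written for this summary, not code from the course or from any firewall product). It implements a stateless first-match packet filter and uses it to model the screening routers of both designs; the addresses (RFC 5737/1918 ranges), the proxy port 3128, the mail server address and the rule sets are all assumptions chosen for illustration.

```python
"""Added example, not from the course material: a first-match packet filter
used to model (a) a screened-host and (b) a screened-subnet firewall design.
Addresses, ports and rules are assumptions chosen for illustration."""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import List, Optional

# Constructed topology (assumed): a DMZ holding the bastion host, a private
# internal network, and "external" meaning any address in neither of those.
ANY = ip_network("0.0.0.0/0")
DMZ = ip_network("192.0.2.0/24")
INTERNAL = ip_network("10.0.0.0/8")
BASTION = ip_network("192.0.2.10/32")      # bastion host inside the DMZ
MAIL_SERVER = ip_network("10.0.0.25/32")   # internal host the bastion relays mail to


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: IPv4Network = ANY
    dst: IPv4Network = ANY
    proto: Optional[str] = None  # None matches any protocol
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in self.src and ip_address(p.dst) in self.dst
                and self.proto in (None, p.proto) and self.dport in (None, p.dport))


def filter_packet(rules: List[Rule], p: Packet) -> str:
    """Stateless first-match filter: the first matching rule decides, and a
    packet matching no rule is dropped (default deny). Reply traffic and
    interface-based anti-spoofing checks are omitted for brevity."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


# Exterior screening router: the Internet reaches only the bastion host, and only
# on the services it proxies; the private network is never reachable directly.
OUTER_ROUTER = [
    Rule("allow", dst=BASTION, proto="tcp", dport=80),
    Rule("allow", dst=BASTION, proto="tcp", dport=25),
    Rule("allow", src=DMZ),        # the bastion may originate outbound connections
    Rule("deny", dst=INTERNAL),    # explicit, though default deny would cover it
]

# Interior screening router: internal clients talk only to the proxy on the
# bastion (port assumed), and the bastion reaches only the internal mail server.
INNER_ROUTER = [
    Rule("allow", src=INTERNAL, dst=BASTION, proto="tcp", dport=3128),
    Rule("allow", src=BASTION, dst=MAIL_SERVER, proto="tcp", dport=25),
    Rule("deny", dst=INTERNAL),    # a compromised bastion gets nothing else
]


def zone(addr: str) -> str:
    a = ip_address(addr)
    return "internal" if a in INTERNAL else "dmz" if a in DMZ else "external"


def screened_subnet(p: Packet) -> str:
    """A packet must be allowed by every screening router it crosses: external<->DMZ
    crosses the exterior router, DMZ<->internal the interior one, external<->internal both."""
    zones = {zone(p.src), zone(p.dst)}
    routers = ([OUTER_ROUTER] if "external" in zones else []) + (
        [INNER_ROUTER] if "internal" in zones else [])
    return "allow" if all(filter_packet(r, p) == "allow" for r in routers) else "deny"


# Screened-host variant (assumed layout): no DMZ; the bastion sits on the internal
# LAN and a single screening router admits Internet traffic to it alone.
SH_BASTION = ip_network("10.0.0.10/32")
SH_ROUTER = [
    Rule("allow", dst=SH_BASTION, proto="tcp", dport=80),
    Rule("allow", dst=SH_BASTION, proto="tcp", dport=25),
    Rule("allow", src=SH_BASTION),
    Rule("deny", dst=INTERNAL),
]


def screened_host(p: Packet) -> str:
    """Only traffic crossing the router is filtered; a host on the same LAN as the
    bastion (here, every internal host) talks to it, and it to them, unfiltered."""
    crosses = (ip_address(p.src) in INTERNAL) != (ip_address(p.dst) in INTERNAL)
    return filter_packet(SH_ROUTER, p) if crosses else "allow"


if __name__ == "__main__":
    # Constructed sample: a compromised bastion probing ssh on an internal host.
    print("screened subnet:", screened_subnet(Packet("192.0.2.10", "10.1.2.3", "tcp", 22)))
    print("screened host:  ", screened_host(Packet("10.0.0.10", "10.1.2.3", "tcp", 22)))
```

The point of the comparison is the last two calls: in the screened subnet design the interior router still filters traffic that originates on the bastion host, so a compromised bastion cannot reach an internal host's ssh port, whereas in the screened host design that same packet never crosses a filter. Note also what the filter cannot do: it never sees a user identity, only addresses, protocols and ports, which is why user authentication belongs to the circuit- or application-level gateway running on the bastion host rather than to the screening router.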