
Firewall Systems

Network security barriers that control incoming and outgoing traffic

What is a Firewall?

A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between trusted internal networks and untrusted external networks, such as the Internet.

Basic Firewall Architecture

Internet (Untrusted) -> Firewall (Security Barrier) -> Internal Network (Trusted)

Types of Firewalls

Packet Filtering Firewall

Examines packets at the network layer and makes decisions based on source/destination IP addresses, ports, and protocols. Fast but limited in functionality.

Pros: Fast, low resource usage
Cons: No application awareness, vulnerable to spoofing

Stateful Inspection Firewall

Tracks the state of active connections and makes decisions based on the context of traffic. Maintains connection tables for better security.

Pros: Connection awareness, better security
Cons: Higher resource usage, complex configuration

Application Layer Gateway

Operates at the application layer, understanding specific protocols and applications. Provides deep packet inspection and content filtering.

Pros: Application awareness, content filtering
Cons: Slower performance, protocol-specific

Next-Generation Firewall

Combines traditional firewall capabilities with advanced features like intrusion prevention, application awareness, and threat intelligence.

Pros: Comprehensive security, threat intelligence
Cons: Expensive, complex management

Firewall Rule Simulator

Configure Firewall Rules

Try different firewall rules and see how they affect network traffic:

Current Firewall Rules

Rule 1: ALLOW HTTP (port 80) from any source
Rule 2: ALLOW HTTPS (port 443) from any source
Rule 3: ALLOW SSH (port 22) from 192.168.1.0/24
Rule 4: DENY all other traffic (default)

How Firewalls Process Packets

1. Packet Arrives

Network packet reaches the firewall interface

2. Rule Evaluation

Firewall checks packet against configured rules

3. Decision Made

Allow, deny, or log based on matching rule

4. Action Taken

Packet forwarded or dropped accordingly
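
The four steps above, applied to the simulator's four rules, as an added example that is not code from the original page. It assumes first-match rule ordering and a simplified connection table (no TCP flags or timeouts); the Packet type, match_rule and StatefulFirewall are hypothetical names, and the addresses are constructed. It also shows why a stateful firewall accepts a reply that the packet-filter rules alone would drop.

```python
import ipaddress
from collections import namedtuple

# Constructed packet model: protocol plus source/destination address and port.
Packet = namedtuple("Packet", "proto src sport dst dport")

# The simulator's rule set: (action, protocol, destination port, source network).
# None matches anything; the last rule is the default deny.
RULES = [
    ("ALLOW", "tcp", 80, "0.0.0.0/0"),
    ("ALLOW", "tcp", 443, "0.0.0.0/0"),
    ("ALLOW", "tcp", 22, "192.168.1.0/24"),
    ("DENY", None, None, "0.0.0.0/0"),
]


def match_rule(pkt, rules=RULES):
    """Return (rule number, action) of the first matching rule (assumed ordering)."""
    src = ipaddress.ip_address(pkt.src)
    for number, (action, proto, dport, network) in enumerate(rules, start=1):
        if proto is not None and proto != pkt.proto:
            continue
        if dport is not None and dport != pkt.dport:
            continue
        if src not in ipaddress.ip_network(network):
            continue
        return number, action
    return None, "DENY"  # fail closed if the rule set has no catch-all


class StatefulFirewall:
    """Packet filter plus a connection table, so replies need no rule of their own."""

    def __init__(self, rules=RULES):
        self.rules = rules
        self.connections = set()

    def process(self, pkt):
        # A reply is the reverse 5-tuple of a connection that was already allowed.
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reverse in self.connections:
            return "ALLOW"
        _, action = match_rule(pkt, self.rules)
        if action == "ALLOW":
            self.connections.add(tuple(pkt))
        return action
```
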

Firewall Security Levels

Firewall Protection Levels

Basic Protection: Simple packet filtering based on IP addresses and ports
Intermediate Protection: Stateful inspection with connection tracking
Advanced Protection: Deep packet inspection with application awareness
Intelligent Protection: AI-powered threat detection and response