Firewalls first step for your perimeter security...

Published: July 23, 2021, 2:33 a.m.


Hello everyone, my name is Vijay Kumar Devireddy, and I am glad to have you back on my episode 58. Today we're going to discuss firewalls. Firewalls are primarily used to section off and protect one network from another.

Now, when we talk about firewalls, there are three main types: software-based, hardware-based, and embedded firewalls. Software-based firewalls are run as a piece of software on a host or a server. In fact, if you're running a Windows server, those have a built-in Windows Firewall that you can enable. Hardware firewalls, on the other hand, are a standalone device, an appliance that's installed into your network. It looks like another switch or another router that goes into your network stack. The third type of firewall is known as an embedded firewall. Embedded firewalls work as a single function out of many on a single device. So if you have a small office/home office router or a unified threat management device, these are examples of an embedded firewall. It's one piece of the larger device that does many different functions.

Firewalls can operate in many different ways. The first one is packet filtering. Packet filtering is going to inspect each packet as it passes through the firewall, and it'll accept it or reject it based on the rules that it's been given. This relies on the firewall's configuration and the access control list that's been installed. If I'm running a web server, for example, I would configure my firewall to allow traffic inbound on port 80 and port 443 but close all of the other ports, because port 80 gives web traffic and port 443 gives secure web traffic, and so those are expected to be used.

There are two types of packet filtering, stateless and stateful. With stateless packet filtering, it's simply going to accept or reject packets based on the IP address and the port number that was requested. So if I'm running a web server and you requested to come in on port 80, I would allow that, but if you requested to come in on port 53, I would deny it because it's not in my access control list.

Now a stateful packet filter, on the other hand, is going to keep track of requests that leave through the firewall. So if I make a request from a host through the firewall, it will temporarily open up the port number that I made the request from, some random high port number like 50,000 or 56,000. By using stateful packet inspection, you can almost entirely eliminate IP spoofing as a threat because the firewall is going to inspect the header of each packet being received. It's then going to compare that against what it was expecting based on the request that recently went out, and then it's going to make its accept or reject decisions based on this additional information. This is a much more in-depth inspection than a stateless one does.

Now, NAT filtering is another type of filtering we can do. This is going to filter traffic according to the port, whether it's a TCP or UDP port. This filtering can be done by simply checking the endpoint connections, by matching the incoming traffic to the requesting IP, and by matching the incoming traffic to the requesting IP address and port.

Now, the next one we have is an application-layer gateway, or ALG. This is going to apply security mechanisms to specific applications such as FTP or Telnet. Instead of blocking traffic based on the Telnet port, port 23, it's going to inspect each packet and determine which application it was meant for, and if it finds out that it was meant for Telnet, it would block it because that was unauthorized. This is a resource-intensive process, but it is a powerful layer of security that can be added into your network. These are also known as Layer 7 firewalls because they operate at the application layer.

Now, once that connection is established, the packets can then be sent or received without any further inspection or checks because all of that was done during the session establishment.
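
To make the stateless versus stateful distinction above concrete, here is a small simulation added as an illustration; it is not code from the episode. The addresses, the `Packet` type and the function names are all constructed for the example, and the stateful filter is reduced to a single lookup table of outbound requests.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

SERVER = "203.0.113.10"        # constructed web server address (documentation range)
ALLOWED_INBOUND = {80, 443}    # the web server access control list from the text

def stateless_inbound(pkt: Packet) -> bool:
    """Decide from destination address and port alone; no memory of earlier traffic."""
    return pkt.dst_ip == SERVER and pkt.dst_port in ALLOWED_INBOUND

class StatefulFirewall:
    """Remembers requests that left through the firewall and admits only matching replies."""

    def __init__(self):
        self.table = set()  # (inside ip, inside port, outside ip, outside port)

    def outbound(self, pkt: Packet) -> bool:
        # Record the flow so that the reply can be recognised later.
        self.table.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
        return True

    def inbound(self, pkt: Packet) -> bool:
        # A genuine reply is a recorded request with source and destination swapped.
        if (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.table:
            return True
        # Anything else must pass the static access control list.
        return stateless_inbound(pkt)

def demo() -> dict:
    fw = StatefulFirewall()
    # Inside host asks an outside web site for a page from high port 50000.
    fw.outbound(Packet("192.168.1.20", 50000, "198.51.100.7", 443))
    reply = Packet("198.51.100.7", 443, "192.168.1.20", 50000)
    # Same high port, but from a host that was never asked for anything.
    unsolicited = Packet("198.51.100.99", 443, "192.168.1.20", 50000)
    return {
        "web_80": stateless_inbound(Packet("198.51.100.7", 40000, SERVER, 80)),
        "dns_53": stateless_inbound(Packet("198.51.100.7", 40000, SERVER, 53)),
        "reply": fw.inbound(reply),
        "unsolicited": fw.inbound(unsolicited),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accept' if accepted else 'reject'}")
```

The temporarily opened high port is usable only by the exact address and port the request went to, which is why the unsolicited packet is rejected even though it targets the same port as the real reply.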
