• Analyzes health of a computer • Decides whether the computer can connect to network resources • May allow computers to access a specific set of network resources for remediation
filter packets based on the individual packets themselves
• Analyzes data and application behavior at layer 7 • Also referred to as proxy servers (Most modern firewall products work as a mix of all three generations)
designed to distract hackers from real targets, detect new vulnerabilities and exploits, and learn about the identity of attackers.
In addition to packet filtering, determines whether a packet is part of an existing session, and that information can be used to decide whether to permit or deny a packet.
• Similar to packet filtering, but operates at Layers 4 and 5 • By analyzing data at the session level, once a session is established, all packets for the same session are allowed through the firewall
a solution designed to detect unauthorized user activities, attacks, and network compromises
• Inspects packets at layer 3 • Based on rules that define what types of packets are allowed or denied to cross the firewall
• Software protecting a computer from network-based attacks • Also known as personal firewall
Protects a computer, or network, from network-based attacks and performs filtering of data packets traversing the network
Hardware or software protecting an entire network from network-based attacks
• Isolated network that serves as a buffer between two networks • Often used between the public Internet and a corporate network • Can be implemented using one or two firewalls
Host firewall
Network Access Protection - NAP
Honeypots
Application-Level Firewall
IDS
Packet Filtering Firewall
stateless firewalls
Perimeter Network
Network firewall
Circuit-Level Firewall
stateful inspection
Firewall