CSCI 4541 Lecture Notes - Lecture 10: Network Address Translation, Network Packet, Wireless Lan

Inserted between the premises network and the internet to establish a controlled. Can be a single computer system or a set of two or more systems together. Single choke point to impose security and auditing. Insulates the internal systems from external networks. All traffic from inside to outside must pass through firewall. Only authorized traffic as defined by the local security policy will be allowed to pass. The firewall itself is immune to penetration. Techniques used by firewalls to control access and enforce the site"s security policy are: Ex: only certain services are allowed to run on a network. Ex: only certain addresses within a range will be allowed to access certain applications, or visibility in the system. Note: all ports between 0 and 1023 are assigned to well-known services (ssh - 22, https: 443, http: 80, etc). Ex: cap the amount of bandwidth a specific service uses. Defines a single choke point (simplifies security management.