[CISSP] Domain Telecommunications and Networking Security

Domain Telecommunications and Networking Security
Firewall Type

Packet-level filtering firewall

• Network layer
• ACL

Proxy firewall - Application

• Application layer
• This looks deep into packets and makes granular access control decisions.
• It requires one proxy per service.

Proxy firewall - Circuit

• Network layer
• This looks only at the header packet information.

State inspection firewall

• Network layer
• using a state table
• It looks at the state and context of packtes
• Third -generation firewall

Firewall Architecture Characteristics

Dual-homed

• Single pc with two or more NICs

Screened host

• Router filters(screens) traffic before it is passed to the firewall

Screened subnet

• External router filters(screens) traffic before it enters the subnet. Traffic headed toward the internal network then goes through the firewall and another router