Firewalls - Bastion Host


Firewall

  • is a collection of components between two networks that filter cross traffic based on some security policy

Types of Firewalls

Packet Filtering Firewalls

  • stateless firewalls - static rules/filters to determine which packets are allowed to cross the inspection point

  • stateful inspection firewalls - inspect packets in the context of their role in an incipient or ongoing conversation (e.g. a TCP connection)

    • maintain a table for allowed connections. By default, allow connections originated from internal hosts & deny connections originated from external hosts
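
The difference between the two packet-filter types, as an added example that is not part of the original notes: a static rule set is compared with a connection table on the same constructed traffic. The internal range 10.0.0.0/8, the "inbound passes if ACK is set" static rule, and all addresses and ports are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address range

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags, e.g. {"SYN"} or {"SYN", "ACK"}

def is_internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL

def stateless_allow(p):
    """Static rules only: outbound always passes, inbound passes if ACK is set."""
    if is_internal(p.src):
        return True
    return "ACK" in p.flags  # approximates "reply traffic" without any memory

class StatefulFirewall:
    def __init__(self):
        self.table = set()  # allowed connections: (in_ip, in_port, out_ip, out_port)

    def allow(self, p):
        if is_internal(p.src):
            key = (p.src, p.sport, p.dst, p.dport)
            if p.flags == {"SYN"}:
                self.table.add(key)      # connection originated from an internal host
            elif "RST" in p.flags:
                self.table.discard(key)  # simplified teardown; real tables also use FIN and timeouts
            return True
        # inbound: allowed only as the reverse direction of a tracked connection
        return (p.dst, p.dport, p.src, p.sport) in self.table

def demo():
    """Return (stateless verdict, stateful verdict) for each constructed packet."""
    fw, f = StatefulFirewall(), frozenset
    packets = [  # constructed sample traffic
        Packet("10.0.0.5", 40000, "203.0.113.9", 443, f({"SYN"})),         # outbound open
        Packet("203.0.113.9", 443, "10.0.0.5", 40000, f({"SYN", "ACK"})),  # reply to it
        Packet("198.51.100.7", 443, "10.0.0.8", 40001, f({"ACK"})),        # unsolicited inbound
        Packet("198.51.100.7", 5555, "10.0.0.8", 22, f({"SYN"})),          # inbound open
    ]
    return [(stateless_allow(p), fw.allow(p)) for p in packets]
```

The third packet is the one to look at: it belongs to no connection, yet the static rule passes it because it only sees the ACK flag, while the connection table drops it.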

Application Level Firewalls

e.g. proxy server

Circuit Level Firewalls

  • sets up two connections (i.e. one with inner host, one with outside host)

Another classification of firewall types:

  • screening router firewalls

  • computer-based firewalls

  • firewall appliances

  • host firewalls - on clients and servers

Bastion Host

A bastion host is a special-purpose computer on a network, specifically designed and configured to withstand attacks. The computer generally hosts a single application, for example a proxy server, and all other services are removed or limited to reduce the threat to the computer.
