«

How do hardware firewalls work?

I can see how incoming traffic can be blocked, as with NAT on a router.
But how can outgoing traffic be handled effectively, given that
decisions need to be made about what to allow and block?

In article <>, livewire_100
@N.O.S.P.A.M.hotmail.com says...
> How do hardware firewalls work?
>
> I can see how incoming traffic can be blocked, as with NAT on a router.
> But how can outgoing traffic be handled effectively, given that
> decisions need to be made about what to allow and block?

Firewalls determine in and outbound based on rule sets - everything is
blocked by default. The outbound is based on several factors:

1) Generic rules that permit everything on port 80 outbound.
2) Specific rules that permit a service (port 80 for instance) from
specific addresses or authenticated users.

The same is true with inbound.

This is the reason that NAT routers are NOT firewalls, they simple
pretend to be a firewall by blocking inbound as a function of NAT.

I know this explanation is limited, but you should see that outbound is
restricted by many-factored rule sets. In addition to ports/services,
firewalls can provide proxy and content filtering services, even
removing attachments from email based on attachment types.


--
--

(Remove 999 to reply to me)

Livewire <> wrote in
news: :

> How do hardware firewalls work?
>
> I can see how incoming traffic can be blocked, as with NAT on a router.
> But how can outgoing traffic be handled effectively, given that
> decisions need to be made about what to allow and block?
>
I assume you are talking about controlling which applications can
communicate.

Hardware firewalls can filter outbound traffic by blocking/permitting
access to certain ports or IP addresses thereby controlling which services
users can access but they cannot filter applications. For example, it
could not block you from using Internet Explorer as your web browser, and
force all users to use Mozilla Firefox instead. Only client side firewalls
can offer application based filtering.

In article <>,
says...
> In article <>, livewire_100
> @N.O.S.P.A.M.hotmail.com says...
> > How do hardware firewalls work?
> >
> > I can see how incoming traffic can be blocked, as with NAT on a router.
> > But how can outgoing traffic be handled effectively, given that
> > decisions need to be made about what to allow and block?
>
> Firewalls determine in and outbound based on rule sets - everything is
> blocked by default. The outbound is based on several factors:
>
> 1) Generic rules that permit everything on port 80 outbound.
> 2) Specific rules that permit a service (port 80 for instance) from
> specific addresses or authenticated users.
>
So in what way do they differ from software firewalls? They are the sort
of rules I create at the moment?

Livewire wrote:
> In article <>,
> says...
>
>>In article <>, livewire_100
>>@N.O.S.P.A.M.hotmail.com says...
>>
>>>How do hardware firewalls work?
>>>
>>>I can see how incoming traffic can be blocked, as with NAT on a router.
>>>But how can outgoing traffic be handled effectively, given that
>>>decisions need to be made about what to allow and block?
>>
>>Firewalls determine in and outbound based on rule sets - everything is
>>blocked by default. The outbound is based on several factors:
>>
>>1) Generic rules that permit everything on port 80 outbound.
>>2) Specific rules that permit a service (port 80 for instance) from
>>specific addresses or authenticated users.
>>
>
> So in what way do they differ from software firewalls? They are the sort
> of rules I create at the moment?

In essence, the common distinction is, with "hardware firewalls" the
firmware (software programmed to a chip) resides on the appliance. With
"software firewalls", the program resides on your computer. Now, as we
all know, if one allows one's computer to be compromised by ill advised
behavior, then the risk is the software on that computer which you
expect will protect you may not.

In article <4zk2d.3$>,
says...
> Livewire wrote:
> > In article <>,
> > says...
> >
> >>In article <>, livewire_100
> >>@N.O.S.P.A.M.hotmail.com says...
> >>
> >>>How do hardware firewalls work?
> >>>
> >>>I can see how incoming traffic can be blocked, as with NAT on a router.
> >>>But how can outgoing traffic be handled effectively, given that
> >>>decisions need to be made about what to allow and block?
> >>
> >>Firewalls determine in and outbound based on rule sets - everything is
> >>blocked by default. The outbound is based on several factors:
> >>
> >>1) Generic rules that permit everything on port 80 outbound.
> >>2) Specific rules that permit a service (port 80 for instance) from
> >>specific addresses or authenticated users.
> >>
> >
> > So in what way do they differ from software firewalls? They are the sort
> > of rules I create at the moment?
>
> In essence, the common distinction is, with "hardware firewalls" the
> firmware (software programmed to a chip) resides on the appliance. With
> "software firewalls", the program resides on your computer. Now, as we
> all know, if one allows one's computer to be compromised by ill advised
> behavior, then the risk is the software on that computer which you
> expect will protect you may not.
>


Thanks everyone for their replies -- much clearer now.