hardware firewalls

Discussion in 'Computer Security' started by Livewire, Sep 16, 2004.

  1. Livewire

    Livewire Guest

    How do hardware firewalls work?

    I can see how incoming traffic can be blocked, as with NAT on a router.
    But how can outgoing traffic be handled effectively, given that
    decisions need to be made about what to allow and block?
    Livewire, Sep 16, 2004
    #1
    1. Advertising

  2. Livewire

    Leythos Guest

    In article <>, livewire_100
    @N.O.S.P.A.M.hotmail.com says...
    > How do hardware firewalls work?
    >
    > I can see how incoming traffic can be blocked, as with NAT on a router.
    > But how can outgoing traffic be handled effectively, given that
    > decisions need to be made about what to allow and block?


    Firewalls determine in and outbound based on rule sets - everything is
    blocked by default. The outbound is based on several factors:

    1) Generic rules that permit everything on port 80 outbound.
    2) Specific rules that permit a service (port 80 for instance) from
    specific addresses or authenticated users.

    The same is true with inbound.

    This is the reason that NAT routers are NOT firewalls, they simple
    pretend to be a firewall by blocking inbound as a function of NAT.

    I know this explanation is limited, but you should see that outbound is
    restricted by many-factored rule sets. In addition to ports/services,
    firewalls can provide proxy and content filtering services, even
    removing attachments from email based on attachment types.


    --
    --

    (Remove 999 to reply to me)
    Leythos, Sep 16, 2004
    #2
    1. Advertising

  3. Livewire

    Anonymous Guest

    Livewire <> wrote in
    news::

    > How do hardware firewalls work?
    >
    > I can see how incoming traffic can be blocked, as with NAT on a router.
    > But how can outgoing traffic be handled effectively, given that
    > decisions need to be made about what to allow and block?
    >

    I assume you are talking about controlling which applications can
    communicate.

    Hardware firewalls can filter outbound traffic by blocking/permitting
    access to certain ports or IP addresses thereby controlling which services
    users can access but they cannot filter applications. For example, it
    could not block you from using Internet Explorer as your web browser, and
    force all users to use Mozilla Firefox instead. Only client side firewalls
    can offer application based filtering.
    Anonymous, Sep 16, 2004
    #3
  4. Livewire

    Livewire Guest

    In article <>,
    says...
    > In article <>, livewire_100
    > @N.O.S.P.A.M.hotmail.com says...
    > > How do hardware firewalls work?
    > >
    > > I can see how incoming traffic can be blocked, as with NAT on a router.
    > > But how can outgoing traffic be handled effectively, given that
    > > decisions need to be made about what to allow and block?

    >
    > Firewalls determine in and outbound based on rule sets - everything is
    > blocked by default. The outbound is based on several factors:
    >
    > 1) Generic rules that permit everything on port 80 outbound.
    > 2) Specific rules that permit a service (port 80 for instance) from
    > specific addresses or authenticated users.
    >

    So in what way do they differ from software firewalls? They are the sort
    of rules I create at the moment?
    Livewire, Sep 16, 2004
    #4
  5. Livewire

    Lee Higdon Guest

    Livewire wrote:
    > In article <>,
    > says...
    >
    >>In article <>, livewire_100
    >>@N.O.S.P.A.M.hotmail.com says...
    >>
    >>>How do hardware firewalls work?
    >>>
    >>>I can see how incoming traffic can be blocked, as with NAT on a router.
    >>>But how can outgoing traffic be handled effectively, given that
    >>>decisions need to be made about what to allow and block?

    >>
    >>Firewalls determine in and outbound based on rule sets - everything is
    >>blocked by default. The outbound is based on several factors:
    >>
    >>1) Generic rules that permit everything on port 80 outbound.
    >>2) Specific rules that permit a service (port 80 for instance) from
    >>specific addresses or authenticated users.
    >>

    >
    > So in what way do they differ from software firewalls? They are the sort
    > of rules I create at the moment?


    In essence, the common distinction is, with "hardware firewalls" the
    firmware (software programmed to a chip) resides on the appliance. With
    "software firewalls", the program resides on your computer. Now, as we
    all know, if one allows one's computer to be compromised by ill advised
    behavior, then the risk is the software on that computer which you
    expect will protect you may not.
    Lee Higdon, Sep 16, 2004
    #5
  6. Livewire

    Livewire Guest

    In article <4zk2d.3$>,
    says...
    > Livewire wrote:
    > > In article <>,
    > > says...
    > >
    > >>In article <>, livewire_100
    > >>@N.O.S.P.A.M.hotmail.com says...
    > >>
    > >>>How do hardware firewalls work?
    > >>>
    > >>>I can see how incoming traffic can be blocked, as with NAT on a router.
    > >>>But how can outgoing traffic be handled effectively, given that
    > >>>decisions need to be made about what to allow and block?
    > >>
    > >>Firewalls determine in and outbound based on rule sets - everything is
    > >>blocked by default. The outbound is based on several factors:
    > >>
    > >>1) Generic rules that permit everything on port 80 outbound.
    > >>2) Specific rules that permit a service (port 80 for instance) from
    > >>specific addresses or authenticated users.
    > >>

    > >
    > > So in what way do they differ from software firewalls? They are the sort
    > > of rules I create at the moment?

    >
    > In essence, the common distinction is, with "hardware firewalls" the
    > firmware (software programmed to a chip) resides on the appliance. With
    > "software firewalls", the program resides on your computer. Now, as we
    > all know, if one allows one's computer to be compromised by ill advised
    > behavior, then the risk is the software on that computer which you
    > expect will protect you may not.
    >



    Thanks everyone for their replies -- much clearer now.
    Livewire, Sep 16, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?a2luZw==?=

    firewalls and wireless

    =?Utf-8?B?a2luZw==?=, Aug 3, 2004, in forum: Wireless Networking
    Replies:
    1
    Views:
    964
  2. OVS

    SP2 and hardware firewalls

    OVS, Oct 4, 2004, in forum: Computer Support
    Replies:
    3
    Views:
    376
    Toolman Tim
    Oct 5, 2004
  3. news

    "hardware" firewalls

    news, Jun 27, 2004, in forum: Computer Security
    Replies:
    3
    Views:
    424
  4. E. Nigma

    hardware firewalls

    E. Nigma, Aug 26, 2004, in forum: Computer Security
    Replies:
    5
    Views:
    390
    Chuck
    Aug 27, 2004
  5. Chris Salter

    What hardware based Firewalls are you using?

    Chris Salter, Jun 28, 2005, in forum: Computer Security
    Replies:
    1
    Views:
    501
    Winged
    Jun 30, 2005
Loading...

Share This Page