
Friday, May 28, 2010

Firewalls: Circuit Level Gateway Firewall

A circuit relay firewall, or circuit-level gateway, is a firewall configuration that validates connections before allowing data to be exchanged. A circuit relay firewall is a type of security firewall (proxy server) that provides a controlled network connection between internal and external systems (that is, there is no "air gap"). A virtual "circuit" exists between the internal client and the proxy server. Internet requests go through this circuit to the proxy server, and the proxy server delivers those requests to the Internet after changing the IP (Internet Protocol) address.

All traffic is disallowed unless a session is open, and every session of data exchange is validated and monitored. With a circuit-level gateway, IP spoofing is much more difficult than against a firewall based only on packet filtering. The circuit-level gateway operates at the Transport Layer of the OSI model. Traffic is filtered based on specified session rules and may be restricted to recognized computers only. Circuit-level firewalls hide the network itself from the outside, which is useful for denying access to intruders. However, they do not filter individual packets.

Whether a connection is valid may, for example, be based on:
- destination IP address and/or port
- source IP address and/or port
- time of day
- protocol
- user
- password

SOCKS is an example of this type of firewall. This type of proxy is not application-aware; it simply cross-links your connection to another, outside connection.
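As an added example (not code from the original post), here is how a gateway could apply such session rules to a SOCKS5 CONNECT request before opening the circuit, denying by default. The names `Rule`, `parse_socks5_connect` and `allow_session` are hypothetical, the request layout follows RFC 1928, the user is assumed to have been authenticated already, and the addresses are constructed sample values.

```python
import ipaddress
import struct
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class Rule:
    """One session rule; every field must match for the circuit to open."""
    src_net: str      # allowed client network (CIDR)
    dst_net: str      # allowed destination network (CIDR)
    dst_ports: range  # allowed destination ports
    start: time       # start of the permitted time window
    end: time         # end of the permitted time window
    users: frozenset  # users allowed to open the circuit

def parse_socks5_connect(req: bytes):
    """Parse a SOCKS5 request (RFC 1928) carrying CONNECT to an IPv4 address."""
    if len(req) != 10:
        raise ValueError("unexpected length for an IPv4 CONNECT request")
    ver, cmd, rsv, atyp = req[:4]
    if ver != 5 or cmd != 1 or rsv != 0 or atyp != 1:
        raise ValueError("not a SOCKS5 IPv4 CONNECT request")
    port = struct.unpack("!H", req[8:10])[0]
    return ipaddress.IPv4Address(req[4:8]), port

def allow_session(rules, src_ip, user, now, req):
    """Default deny: open the circuit only if one rule matches every criterion."""
    try:
        dst_ip, dst_port = parse_socks5_connect(req)
    except ValueError:
        return False  # malformed or unsupported request: no session
    src = ipaddress.ip_address(src_ip)
    for r in rules:
        if (src in ipaddress.ip_network(r.src_net)
                and dst_ip in ipaddress.ip_network(r.dst_net)
                and dst_port in r.dst_ports
                and r.start <= now <= r.end
                and user in r.users):
            return True
    return False

# Constructed sample policy and request (documentation address ranges).
RULES = [Rule("10.0.0.0/24", "203.0.113.0/24", range(443, 444),
              time(8, 0), time(18, 0), frozenset({"alice"}))]
REQ = (bytes([5, 1, 0, 1]) + ipaddress.IPv4Address("203.0.113.10").packed
       + struct.pack("!H", 443))
```

The decision is made once, at session setup; after the circuit is open the gateway relays bytes without inspecting individual packets, which matches the limitation noted above.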
