Wednesday, September 11, 2013
- Hosts and routers are separated in TCP/IP architecture.
- For private networks, more protection is required to maintain access control over them.
- Firewall is one of the components of this TCP/IP architecture.
- Internet is separated from Intranet by this firewall.
- This means all the incoming traffic must pass through this firewall.
- The traffic that is authorized is allowed to pass through.
- It is not possible to penetrate the firewall simply.
A firewall has two components, namely:
- a filtering router, and
- gateways, of two types, namely application gateways and transport gateways.
- All the packets are checked by the router and filtered based upon attributes such as the protocol type, port numbers, TCP header fields and so on.
- Designing the rules for filtering the packets is quite a complex task.
- Packet filtering alone offers only limited protection: with the filtering rules enforced on one side, it is difficult to accommodate the services needed by users on the other side.
About Application Gateways
- Application layer gateways are layer 7 intermediate systems designed mainly for access control.
- However, these gateways are not commonly used in the TCP/IP architecture.
- These gateways might sometimes be used for solving some inter-networking issues.
- The application gateways follow a proxy principle to support authentication, access-control restrictions, encryption and so on.
- Consider two users A and B.
- A generates an HTTP request, which is first sent to the application layer gateway rather than directly to its destination.
- The gateway checks whether this request is authorized and performs encryption.
- After the request has been authorized, the gateway sends it to user B just as it would have been sent by A.
- B responds with a MIME header and data, which the gateway may decrypt or reject.
- If the gateway accepts the response, it is sent to A as if it came from B.
- Such gateways are designed for each of the application-level protocols.
About Transport Gateways
- The working of the transport gateway is similar to application gateway but it works at the TCP connection level.
- These gateways do not depend on the application code, but they do need client software that is aware of the gateway.
- Transport gateways are intermediate systems at layer 4.
- An example is the SOCKS gateway.
- The IETF has defined SOCKS as a standard transport gateway.
- Again, consider two clients A and B.
- A TCP connection is opened by A to the gateway.
- The destination port of this connection is the SOCKS server port.
- A sends a request to this port asking to open a connection to B, indicating the destination port number.
- The server checks the request and either accepts or rejects A's connection request.
- If accepted, a new connection is opened to B.
- The server also informs A that the connection has been established successfully.
- The data relay between the two clients is kept transparent.
- In reality, however, there are two TCP connections, each with its own sequence numbers and acknowledgements.
- The transport gateways are simpler when compared with the application layer gateways.
- This is so because the transport gateways are not concerned with the data units at the application layer.
- Once the connection has been established, the gateway simply has to act on the packets.
- This is also why it gives higher performance than the application layer gateways.
- But the client must be aware of the gateway's presence, since there is no transparency here.
- If the application gateway is the only border between the two networks, it alone can act as the firewall.
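The SOCKS exchange described above (A asks the gateway for a connection to B, the gateway checks the request and accepts or rejects it, then tells A the result), as an added Python example that is not part of the original post. It uses the SOCKS5 CONNECT request and reply layout from RFC 1928; the allow-list of destinations and the sample requests are constructed assumptions, and only the check-and-reply step is shown, not the socket relay that would follow an accept.

```python
import ipaddress
import struct

# SOCKS5 field values from RFC 1928.
VER = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REP_SUCCESS, REP_GENERAL_FAILURE, REP_NOT_ALLOWED, REP_CMD_UNSUPPORTED = 0x00, 0x01, 0x02, 0x07

# Constructed ruleset (an assumption): the gateway relays only to these (host, port) pairs.
ALLOWED = {("www.example.org", 80), ("192.0.2.10", 443)}

def parse_connect(req: bytes):
    """Parse the request A sends; return (cmd, destination host, destination port)."""
    if len(req) < 4 or req[0] != VER:
        raise ValueError("not a SOCKS5 request")
    cmd, atyp = req[1], req[3]
    if atyp == ATYP_IPV4:
        host, rest = str(ipaddress.IPv4Address(req[4:8])), req[8:]
    elif atyp == ATYP_DOMAIN:
        n = req[4]
        host, rest = req[5:5 + n].decode("ascii"), req[5 + n:]
    elif atyp == ATYP_IPV6:
        host, rest = str(ipaddress.IPv6Address(req[4:20])), req[20:]
    else:
        raise ValueError("unknown address type")
    if len(rest) != 2:
        raise ValueError("truncated request")
    return cmd, host, struct.unpack("!H", rest)[0]

def reply(rep: int) -> bytes:
    """Build the reply the server returns to A (BND.ADDR/BND.PORT left as 0.0.0.0:0)."""
    return bytes([VER, rep, 0x00, ATYP_IPV4]) + b"\x00\x00\x00\x00\x00\x00"

def decide(req: bytes) -> bytes:
    """The gateway's check: accept only CONNECT to an allowed destination."""
    try:
        cmd, host, port = parse_connect(req)
    except ValueError:
        return reply(REP_GENERAL_FAILURE)
    if cmd != CMD_CONNECT:
        return reply(REP_CMD_UNSUPPORTED)
    if (host, port) not in ALLOWED:
        return reply(REP_NOT_ALLOWED)  # rejected: no second TCP connection is opened
    return reply(REP_SUCCESS)          # accepted: the gateway would now connect to B and relay

def connect_request(host: str, port: int) -> bytes:
    """Build A's CONNECT request with a domain-name destination (constructed sample input)."""
    name = host.encode("ascii")
    return bytes([VER, CMD_CONNECT, 0x00, ATYP_DOMAIN, len(name)]) + name + struct.pack("!H", port)
```

The second byte of the reply (REP) is what tells A whether the gateway accepted the request; only after a success reply would the gateway start relaying data between the two separate TCP connections.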