Reference Manual for the ProSafe VPN Firewall FVS114
Network, Routing, and Firewall Basics
B-11
202-10098-01, April 2005
What is a Firewall?
A firewall is a device that protects one network from another, while allowing communication
between the two. A firewall incorporates the functions of the NAT router, while adding features for
dealing with a hacker intrusion or attack. Several known types of intrusion or attack can be
recognized when they occur. When an incident is detected, the firewall can log details of the
attempt, and can optionally send email to an administrator notifying them of the incident. Using
information from the log, the administrator can take action with the ISP of the hacker. In some
types of intrusions, the firewall can fend off the hacker by discarding all further packets from the
hacker’s IP address for a period of time.
Stateful Packet Inspection
Unlike simple Internet sharing routers, a firewall uses a process called stateful packet inspection to
ensure secure firewall filtering to protect your network from attacks and intrusions. Since
user-level applications such as FTP and Web browsers can create complex patterns of network
traffic, it is necessary for the firewall to analyze groups of network connection states. Using
Stateful Packet Inspection, an incoming packet is intercepted at the network layer and then
analyzed for state-related information associated with all network connections. A central cache
within the firewall keeps track of the state information associated with all network connections.
All traffic passing through the firewall is analyzed against the state of these connections in order to
determine whether or not it will be allowed to pass through or rejected.
Denial of Service Attack
A hacker may be able to prevent your network from operating or communicating by launching a
Denial of Service (DoS) attack. The method used for such an attack can be as simple as merely
flooding your site with more requests than it can handle. A more sophisticated attack may attempt
to exploit some weakness in the operating system used by your router or gateway. Some operating
systems can be disrupted by simply sending a packet with incorrect length information.
Ethernet Cabling
Although Ethernet networks originally used thick or thin coaxial cable, most installations currently
use unshielded twisted pair (UTP) cabling. The UTP cable contains eight conductors, arranged in
four twisted pairs, and terminated with an RJ45 type connector. A normal straight-through UTP
Ethernet cable follows the EIA568B standard wiring as described below in
Table B-3
.