A firewall examines traffic as it enters one of its interfaces and applies rules to the traffic—in essence, permitting or denying the traffic based on these rules. Firewall filters both inbound and outbound traffic.

Firewalls use access control lists (ACLs) to filter traffic based on source/destination IP addresses, protocol, and the state of a connection. In other words, normally you might not allow FTP/21 into your network (via the firewall), but if a user inside your network begins an FTP session out to the Internet, it is allowed because the session was established from inside the network. By default, firewalls trust all connections to the Internet (outside) from the trusted internal network (inside).

A firewall can also log connection attempts with certain rules that might also issue an alarm if they occur. Finally, firewalls enable you to perform Network Address Translation (NAT) from internal private IP addresses to public IP addresses. The section “Firewall Operational Overview” discusses the roles of a firewall; however, here you can tie the firewalls back to security policy discussions by examining how a firewall enforces your security policy.



Keywords: firewall examines traffic , Firewall filters,Firewalls,ACLs, IP addresses, protocol, FTP ,network,Internet, firewalls enable , Network Address Translation ,NAT, private IP addresses , public IP addresses, security policy.