pk.org: CS 419/Lecture Notes

Firewalls

Terms and concepts you should know

Paul Krzyzanowski – April 13, 2022

Network Address Translation

  • Network Address Translation (NAT)
  • Private IP addresses

Firewalls

  • 1st generation firewall
  • Packet filter
  • Screening router
  • Border router (gateway router)
  • Access control list
  • Filter chain
  • Accept/Drop actions
  • Basic firewalling principle
  • Default allow
  • Default deny
  • Ingress vs. egress filtering
  • 2nd generation firewall
  • Stateful packet inspection (SPI)
  • Related traffic
  • Bastion host
  • Demilitarized Zone (DMZ)
  • Micro-segmentation
  • Deep packet inspection (DPI)
  • Deep Content Inspection (DCI)
  • Intrusion Detection System (IDS)
  • Intrusion Prevention System (IPS)
  • Protocol-based IDS
  • Signature-based IDS
  • Anomaly-based IDS
  • Application proxy
  • Dual-homed host
  • Deperimeterization
  • Zero-trust architecture (ZTA)
  • Host-based firewall (personal firewall)