Thursday, July 10, 2008

Gateway v/s Firewall

A gateway is a network point that acts as an entrance to another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within your company's network or at your local Internet service provider (ISP) are gateway nodes.

In the network for an enterprise, a computer server acting as a gateway node is often also acting as a proxy server and a firewall server. A gateway is often associated with both a router, which knows where to direct a given packet of data that arrives at the gateway, and a switch, which furnishes the actual path in and out of the gateway for a given packet. IP is a unique 32-bit number that identifies the location of your computer on a network

A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system. If an incoming packet of information is flagged by the filters, it is not allowed through.

Firewalls use one or more of three methods to control traffic flowing in and out of the network:

Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.

Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.

Stateful inspection - A newer method that doesn't examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded

Firewalls are customizable. This means that you can add or remove filters based on several conditions. Some of these are

IP addresses: Each machine on the Internet is assigned a unique address called an IP address
Domain names: A company might block all access to certain domain names, or allow access only to specific domain names.
Protocols: The protocol is the pre-defined way that someone who wants to use a service talks with that service.

- IP (Internet Protocol) - the main delivery system for information over the Internet
- TCP (Transmission Control Protocol) - used to break apart and rebuild information that travels over the Internet
- HTTP (Hyper Text Transfer Protocol) - used for Web pages
- FTP (File Transfer Protocol) - used to download and upload files
- UDP (User Datagram Protocol) - used for information that requires no response, such as streaming audio and video
- ICMP (Internet Control Message Protocol) - used by a router to exchange the information with other routers
- SMTP (Simple Mail Transport Protocol) - used to send text-based information (e-mail)
- SNMP (Simple Network Management Protocol) - used to collect system information from a remote computer
- Telnet - used to perform commands on a remote computer

Proxy Servers and DMZ
A function that is often combined with a firewall is a proxy server. The proxy server is used to access Web pages by the other computers. When another computer requests a Web page, it is retrieved by the proxy server and then sent to the requesting computer. The net effect of this action is that the remote computer hosting the Web page never comes into direct contact with anything on your home network, other than the proxy server. Proxy servers can also make your Internet access work more efficiently. If you access a page on a Web site, it is cached (stored) on the proxy server. This means that the next time you go back to that page, it normally doesn't have to load again from the Web site. Instead it loads instantaneously from the proxy server.

There are times that you may want remote users to have access to items on your network.

Some examples are:
· Web site
· Online business
· FTP download and upload area

In cases like this, you may want to create a DMZ (Demilitarized Zone). Although this sounds pretty serious, it really is just an area that is outside the firewall. Setting up a DMZ is very easy. If you have multiple computers, you can choose to simply place one of the computers between the Internet connection and the firewall. Most of the software firewalls available will allow you to designate a directory on the gateway computer as a DMZ