Advantages and disadvantage of packet filtering firewall, Computer Network Security

Assignment Help:

Advantages and Disadvantage of Packet Filtering firewall

 

Advantages

  • One screening router can help protect entire network

One key advantage of packet filtering is that a single, strategically placed filter can help protect an entire network. If there is only one router that  connects organization site to the Internet, then it provides great advantage on network security, regardless of the size of the site by doing packet filtering on that router.

 

  •  Packet filtering doesn’t require user knowledge or cooperation

Packet filtering does not require any custom software or configuration of client machines. When a packet filtering router let a packet through, the router is indistinguishable from a normal router. This transparency means that the packet filtering can be done without the cooperation and often without the knowledge of users.


 Disadvantages

  •  Current filtering tools are not perfect

 The rules of packet filtering are hard to configure and once configured, they seem hard to test. The packet filtering capabilities of many products are incomplete and the implementation of certain types of filters is almost impossible. Packet filtering packages may have bugs in them that might fail packet filtering implementation. This may allow few packets to pass into private network without proper checking.

 

  •  Some rules can’t readily be enforced by normal packet filtering routers

The information available to packet filtering router is limited. Packets have information about their host but they cannot tell about the user. So, generally no restrictions can be enforced on particular users. Restriction can be enforced on the users who could access the ports through high level protocols. These protocols ensure that no other user is accessing that port. But that kind of control can easily be subverted.


Related Discussions:- Advantages and disadvantage of packet filtering firewall

Risk assessment, RISK ASSESSMENT Risk assessment is a step in a risk man...

RISK ASSESSMENT Risk assessment is a step in a risk management technique. Risk assessment is the determination of quantitative or qualitative value of risk related to a concrete

Evaluate the sample correlation between y and z, Question: (a) Data on ...

Question: (a) Data on four variables are stored in a file called file1.dat. The first line of the file is the variable names f, x, y and z. Give the R commands to (i) read t

Digital certificates-cryptography, Digital Certificates Digital Certific...

Digital Certificates Digital Certificates are electronic document having key value and identifying information about entity which controls key. Digital signature which is attach

Selecting a risk control strategy, Selecting a Risk Control Strategy Risk...

Selecting a Risk Control Strategy Risk controls involve selecting one of the 4 risk control strategies for every vulnerability. The flowchart is shown in the figure given below

Wan architecture and wan service, MegaCorp INC. is a large manufacturing f...

MegaCorp INC. is a large manufacturing firm that operates 5 factories in Dallas, 4  factories in Los Angeles, and 5 factories in Albany, New York.  It operates a tightly  connected

Broadband Technology, In 10 or more pages, address the following topics (be...

In 10 or more pages, address the following topics (be sure to use diagrams as well as references). 1) Define broadband and baseband transmission technology. 2) Describe broadban

Illustrate the label switching procedure in an mpls network, QUESTION ...

QUESTION a) Explain the terms traffic engineering, class-based queuing, shaping and grooming in an MPLS network. b) Using an example topology, illustrate the label swi

Explain how inter-vlan communication, QUESTION a) A switch basically ...

QUESTION a) A switch basically operates by forwarding frames from one part of the network to another, based on MAC address. Describe the three types of switching namely store

Ids response behavior, IDS RESPONSE BEHAVIOR Once IDS detects an anomalo...

IDS RESPONSE BEHAVIOR Once IDS detects an anomalous network situation, it has a number of options. IDS responses to external stimulation can be classified as active or passive.

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd