Designed to distract hackers from real targets, detect new vulnerabilities and exploits, and learn about the identity of attackers.
• Software protecting a computer from network-based attacks • Also known as personal firewall
In addition to packet filtering, determines whether a packet is part of an existing session, and that information can be used to decide whether to permit or deny a packet.
• Isolated network that serves as a buffer between two networks • Often used between the public Internet and a corporate network • Can be implemented using one or two firewalls
• Analyzes health of a computer • Decides whether the computer can connect to network resources • May allow computers to access a specific set of network resources for remediation
Filter packets based on the individual packets themselves
• Analyzes data and application behavior at Layer 7 • Also referred to as proxy servers (Most modern firewall products work as a mix of all three generations)
Hardware or software protecting an entire network from network-based attacks
• Similar to packet filtering, but operates at Layers 4 and 5 • By analyzing data at the session level, once a session is established, all packets for the same session are allowed through the firewall
Protects a computer or network from network-based attacks and performs filtering of data packets traversing the network
A solution designed to detect unauthorized user activities, attacks, and network compromises
• Inspects packets at Layer 3 • Based on rules that define what types of packets are allowed or denied to cross the firewall
Host firewall
Network Access Protection (NAP)
Firewall
Circuit-Level Firewall
Stateless firewalls
Network firewall
Application-Level Firewall
IDS
Perimeter Network
Packet Filtering Firewall
Stateful inspection
Honeypots