Types of Firewalls:

1. Packet Filtering Firewall
2. Stateful Inspection Firewall
3. Proxy Firewall
4. Next-Generation Firewall (NGFW)


How Firewalls Work:

1. Rule-based filtering
2. Deep packet inspection
3. Intrusion prevention


Practical Lab Demonstrations:

1. Configuring basic firewall rules
2. Testing packet filtering
3. Hands-on with a popular firewall (like pfSense or Windows Defender Firewall)

///////////////////////////////////////////////////////////////////////////////////////////

Stateless Firewall

This type of firewall operates on Layer 3 (Network) and Layer 4 (Transport) of the OSI model and filters data based on predefined rules without tracking the state of previous connections. It matches every packet against its rules individually, without considering whether the packet is part of an existing, legitimate connection. Since it does not maintain any record of previous connections, it makes decisions independently for each packet.

Because of this simplicity, stateless firewalls process packets quickly. However, they cannot apply policies that depend on previous traffic patterns. For example, if the firewall denies a few packets from a source because of its rules, ideally it should block all future packets from that source. However, because a stateless firewall retains no history, it treats each new packet independently and evaluates it against its rules all over again.


Stateful Firewall

Unlike stateless firewalls, stateful firewalls go beyond simple packet filtering by maintaining a state table that keeps track of active connections. This adds an extra layer of security by allowing the firewall to make decisions based on the history of the connection. Stateful firewalls also operate on Layer 3 and Layer 4 of the OSI model.

For instance, if a firewall allows packets from a particular source, it records this connection in its state table, enabling future packets from the same connection to be accepted automatically without re-evaluating each one. Similarly, if it denies a few packets from a source, it will remember this and deny all subsequent packets from that source.
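A small simulation contrasting the two behaviours described above, added here as an example and not part of the original notes. The Packet type, rule set, addresses and traffic are all constructed, and the stateful filter models only connection tracking: packets belonging to a connection already permitted pass in both directions without re-checking the rules, while the stateless filter judges the server's reply on the rules alone and denies it.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # TCP SYN marks the first packet of a new connection

# Constructed policy: LAN host 10.0.0.5 may open HTTPS outbound; all else denied.
RULES = [
    {"src": "10.0.0.5", "dport": 443, "action": "allow"},
    {"src": "any", "dport": "any", "action": "deny"},
]

def match_rules(pkt):
    """Stateless decision: first matching rule wins, no history is consulted."""
    for rule in RULES:
        if rule["src"] in ("any", pkt.src) and rule["dport"] in ("any", pkt.dport):
            return rule["action"]
    return "deny"  # implicit default deny

def stateless_filter(packets):
    """Every packet, replies included, is judged only against RULES."""
    return [match_rules(p) for p in packets]

def stateful_filter(packets):
    """Keeps a state table of permitted connections; packets of a tracked
    connection pass in either direction without re-evaluating RULES."""
    state_table = set()  # entries: (client, client_port, server, server_port)
    decisions = []
    for p in packets:
        forward = (p.src, p.sport, p.dst, p.dport)
        reverse = (p.dst, p.dport, p.src, p.sport)
        if forward in state_table or reverse in state_table:
            decisions.append("allow")  # belongs to an established connection
        elif p.syn and match_rules(p) == "allow":
            state_table.add(forward)   # new connection permitted by policy
            decisions.append("allow")
        else:
            decisions.append("deny")   # neither tracked nor an allowed new flow
    return decisions

# Constructed traffic: an outbound HTTPS exchange plus one unsolicited inbound packet.
TRAFFIC = [
    Packet("10.0.0.5", 51000, "203.0.113.10", 443, syn=True),  # client opens connection
    Packet("203.0.113.10", 443, "10.0.0.5", 51000),            # server reply
    Packet("10.0.0.5", 51000, "203.0.113.10", 443),            # client data, no SYN
    Packet("203.0.113.10", 443, "10.0.0.5", 52000),            # unsolicited inbound probe
]
```

Running both filters over TRAFFIC shows the stateless filter denying the legitimate server reply (second packet) while the stateful filter allows it and still denies the unsolicited fourth packet.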