| Firewall is one of the great features that can be | | | | block their employees from viewing certain websites |
| incorporated in your system for analyzing incoming | | | | like: underground sites, pornography sites, and web |
| protocols. Based on this, they are capable to take an | | | | based emails. Content filtering features in a firewall |
| appropriate action. Also, they can perform several | | | | product allows you to do just that. It blocks all the |
| conditional evaluations. | | | | sites other than the specified ones.d) Network |
| These conditional evaluations are also referred to as | | | | Address Translation: - They are often used to map |
| 'rules'. When a fire wall in constructed, it is set with | | | | illegal address blocks to valid ones. Even though |
| rules that will be strictly followed by it. For example, if | | | | NAT's are not security related, devices that make |
| the company policy demands that only the sales | | | | use of them in corporate world are firewall |
| department will have the access to the FTP site, the | | | | products.e) Intrusion Detection: - In general, this term |
| firewall can be set accordingly. | | | | could mean anything. But in this context, some |
| So, even if any other department wants to access | | | | manufacturers are beginning to combine different |
| the site, it will not be possible. In this aspect, Fire | | | | types of products into their firewall offering. Even |
| walls are to networks what privilege schemes are to | | | | though this in itself doesn't create a problem, users |
| operating systems. For example, Windows XP will | | | | have to be a bit weary of the work load that might |
| allow you to specify which users can access a | | | | be imposed on their firewall.f) Fault tolerance: - Few |
| directory or a file. In a similar way, firewalls can | | | | higher end firewall products developed by companies |
| provide you with access control to your web sites or | | | | like Nokia/Checkpoint combination and Cisco PIX |
| network work stations. | | | | support certain kind of fail-over features. |
| Some other features included in firewall are as | | | | Fault tolerance features of firewall products are also |
| follows:a) Virtual Private Networking: - They are also | | | | referred to as High-Availability functionality. Advanced |
| referred to as VPN's. VPN's are used to move the | | | | versions of fault tolerance features allow the firewalls |
| traffic securely from point A to point B over hostile | | | | to run in pairs. In this scenario, while one device is |
| networks. There are many players in the open | | | | functioning, the other will act as a stand by. |
| market offering these services. Many firewall | | | | Entertaining the thoughts of managing all these |
| dedicated products offer both LAN-to-LAN and VPN | | | | features in one single product, can be a daunting |
| functionalities.b) Load Balancing: - It's more of a | | | | task. Hence, one has to approach it with a kitchen |
| generic term and it refers to the art of moving the | | | | sink mentality and with a fair amount of skepticism. |
| traffic in a distributed way. These days, some | | | | Let us not forget that they have a played a pivotal |
| firewalls products also incorporate certain features | | | | role in various security models of different |
| like directing FTP traffic and web in a distributed | | | | organizations as well. |
| manner.c) Content filtering: - Companies may want to | | | | |