What is a Perimeter Firewall?
A perimeter firewall is a secure boundary that provides the central defense for private as well as public networks, protecting the network from unidentified threats, such as those from the internet.
A perimeter firewall defines the boundary between a private network and the public Internet. All traffic entering and leaving the private network passes through and is inspected by the perimeter firewall. A perimeter firewall enables an organization to restrict access to internal systems, block malicious content from entering the private network, and prevent data exfiltration and unauthorized use of corporate systems.
What are the advantages of the Perimeter Firewall?
- Monitors incoming and outgoing packet traffic
- Detects and prevents trojans
- Prevents keyloggers
How does the perimeter firewall work?
- Uses static packet filtering
- Uses proxy services as an intermediary connection
- Performs stateful inspection of traffic
How Does a Perimeter Firewall Work?
A perimeter firewall is located at the boundary of a private network and prevents malicious traffic from crossing that boundary. It may be one of several types of firewalls with varying capabilities, such as:
- Packet Filtering: Packet filtering firewalls are the simplest type of firewall. They inspect the contents of a network packet and allow or block it based on access control lists (ACLs). A packet filtering firewall can prevent certain types of traffic from entering or leaving the private network based on packets’ source and destination ports.
- Stateful Firewalls: Stateful packet inspection firewalls track the current state of network connections and incorporate this information into their access decisions. A stateful firewall can identify an ACK scan based on the fact that an ACK packet is received out of sequence, while a packet filtering firewall cannot.
- Proxy Firewalls: Proxy firewalls act as a proxy for user connections, creating separate connections between the user and firewall, and the server and firewall. This can help to protect users’ privacy by concealing their IP addresses.
- Next-Generation Firewalls (NGFWs): NGFWs combine the features of packet filtering and stateful firewalls with other security capabilities. An NGFW performs deep packet inspection (DPI) and can incorporate an intrusion detection/prevention system, URL filtering, and antivirus and antimalware functionality.
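The difference between packet filtering and stateful inspection described above, as an added example that is not part of the original post: a port-based ACL and a simple connection tracker judge the same packets, and only the tracker drops the out-of-sequence ACK. The address ranges, rule set and names (`stateless_filter`, `StatefulFirewall`, `compare`) are assumptions made for illustration, and the traffic is constructed.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # TCP flags: "S" = SYN, "SA" = SYN+ACK, "A" = ACK

def is_internal(ip: str) -> bool:
    return ip.startswith("10.0.0.")  # assumed private network range

def stateless_filter(pkt: Packet) -> bool:
    """Port ACL only: outbound to 443, inbound replies from source port 443."""
    return pkt.dport == 443 if is_internal(pkt.src) else pkt.sport == 443

class StatefulFirewall:
    def __init__(self) -> None:
        self.flows = {}  # (int_ip, int_port, ext_ip, ext_port) -> state

    def filter(self, pkt: Packet) -> bool:
        outbound = is_internal(pkt.src)
        key = ((pkt.src, pkt.sport, pkt.dst, pkt.dport) if outbound
               else (pkt.dst, pkt.dport, pkt.src, pkt.sport))
        state = self.flows.get(key)
        if outbound and pkt.flags == "S" and pkt.dport == 443:
            self.flows[key] = "SYN_SENT"      # internal host opens a flow
            return True
        if not outbound and pkt.flags == "SA" and state == "SYN_SENT":
            self.flows[key] = "ESTABLISHED"   # server answered our SYN
            return True
        return state == "ESTABLISHED"         # everything else needs a known flow

# Constructed sample traffic: one legitimate HTTPS handshake, then an
# unsolicited ACK (the ACK-scan pattern) aimed at a different internal host.
TRAFFIC = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S"),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA"),
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "A"),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "A"),
    Packet("198.51.100.7", 443, "10.0.0.9", 22, "A"),
]

def compare(traffic):
    fw = StatefulFirewall()
    return [(stateless_filter(p), fw.filter(p)) for p in traffic]

if __name__ == "__main__":
    for pkt, (acl, stateful) in zip(TRAFFIC, compare(TRAFFIC)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} [{pkt.flags}] "
              f"acl={'allow' if acl else 'drop'} stateful={'allow' if stateful else 'drop'}")
```

The ACL passes the last packet because its source port matches the reply rule; the tracker drops it because no internal host ever opened that flow.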
Security Requirements of a Perimeter Firewall
A perimeter firewall should protect an organization and its users with the following capabilities:
- Web, Application, and Data Controls: A perimeter firewall should provide users with safe and legitimate access to both trusted and untrusted resources. This includes protection against web-based attacks, vulnerability exploits, and threats to corporate data.
- Advanced Threat Prevention: A perimeter firewall should be capable of identifying and blocking both known and unknown threats to an organization. This requires an NGFW with threat intelligence and sandbox analysis capabilities.