Overview of routefinder vpn technology, Networks, The firewall – Multi-Tech Systems RF660 User Manual
Page 17: Network components that work with the firewall
Chapter 1 – Product Description, Features, and Overview
Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)
17
Overview of RouteFinder VPN Technology
Before we look at how the RouteFinder works and how to use it, we will illustrate why the RouteFinder is necessary for the
protection of networks, as well as show which problems and risks exist without an appropriate security system.
Networks
The systems in the global network communicate via the Internet Protocol Family (IP), including TCP, UDP, or ICMP. The IP
addresses are the basis of this communication. They identify all available units within the network.
The Internet itself is actually just a collection of computer networks around the world of varying shape, size, and speed.
Where two or more networks join, a whole host of tasks arise, which are dealt with by routers, bridges, or gateways. A
special type of connection between two networks is called a firewall.
Generally speaking, three types of networks meet at the firewall:
1.
External network/Wide Area Network (WAN)
2.
Internal Network/Local Area Network (LAN)
3.
De-Militarized Zone (DMZ)
The Firewall
The characteristic tasks of a firewall as a connection between WAN, LAN and DMZ are:
•
Protection from unauthorized access
•
Access control
•
Ensure information integrity
•
Perform analysis of protocols
•
Alert the administrator of relevant network events
•
Conceal internal network structure
•
Decoupling of servers and clients via proxies
•
Ensure confidentiality
There are several generic network components that, brought together under the heading Firewall, are responsible
for these tasks. The following sections provide a brief look at some of the forms and their derivatives.
Network Components That Work with the Firewall
Network Layer Firewalls: Packet Filter
As the name suggests, the Packet Filter is where IP packets (consisting of address information, some flags, and the
payload) are filtered. With this kind of firewal
l
you can grant or deny access to services, according to different
variables. Some of these variables are:
•
The source address
•
The target address
•
The protocol (e.g. TCP, UDP, ICMP)
•
The port number