Previous Topic

Next Topic

Book Contents

Book Index

Packet Filters

Historically implemented on routers, packet filters filter user-defined content, such as IP addresses. They examine a packet at the network or transport layer and are application-independent, which allows them to deliver good performance and scalability.

Packet filters are the least secure type of firewall, as they are not application-aware, meaning that they cannot understand the context of a given communication. This makes them relatively easy targets for unauthorized entry to a network. A limitation of this type of filtering is its inability to provide security for basic protocols.

Packet filters have the following advantages and disadvantages:

Packet Filter Advantages and Disadvantages

Advantages

Disadvantages

Application independence

Low security

High performance

No screening above the network layer

Scalability

 

See Also

Old Firewall Technologies

Application-Layer Gateways