This chapter explains the operations of the different types of firewall technologies and the role they play in network access control and security architectures. It also describes guidelines for firewall rule set creation. The chapter then describes the function and building blocks of Network Address Translation.

Firewall Fundamentals and Network Address Translation

The information security profession has a number of formalized codes:
• International Information Systems Security Certification Consortium, Inc (ISC)2 Code of Ethics
• Computer Ethics Institute (CEI)
• Internet Activities Board (IAB)
• Generally Accepted System Security Principles (GASSP)

Ethics

This chapter teaches firewall concepts, technologies, and design principles.
At the end of this chapter, you will be able to do the following:
• Explain the operations of the different types of firewall technologies
• Describe firewall technologies that historically have played, and still play, a role in network access control and security architectures
• Introduce and describe the function and building blocks of Network Address Translation
• List design considerations for firewall deployment
• Describe guidelines for firewall ruleset creation

A firewall protects network devices from intentional, hostile intrusions that could threaten information assurance (availability, confidentiality, and integrity) or lead to a denial-of-service (DoS) attack. A firewall can protect a hardware device or a software program running on a secure host computer. This chapter introduces the firewall technologies that Cisco uses in routers and security appliances.

Introducing Firewall Technologies

A firewall is a pair of mechanisms that perform these two separate functions, which are set by policies:
• One mechanism blocks bad traffic.
• The second mechanism permits good traffic.

Firewall Fundamentals

Firewall: Enforcing Access Control

Many network access technologies can be used to build a firewall:
• Packet-filtering routers
• LAN switches
• Complex systems integrating many hosts into a firewall system

• Must be resistant to attacks
• Must be the only transit point between networks
• Enforces the access control policy of an organization

Protective measure against the following:
• Exposure of sensitive hosts and applications to .