How Broadband Routers and Firewalls Work

Many broadband routers and firewalls function primarily through the use of Network Address Translation (NAT) to hide the internal systems behind a single external IP address. | How Broadband Routers and Firewalls Work Many broadband routers and firewalls function primarily through the use of Network Address Translation NAT to hide the internal systems behind a single external IP address. These so-called NAT routers or NAT firewalls do an adequate job of hiding resources from casual attack methods but they do not perform advanced firewall functions therefore it is really a bit of a misnomer to call them firewalls at least in the sense that firewalls such as the Cisco Secure PIX Firewall Microsoft ISA Server and Check Point Firewall-1 products are considered firewalls. Rather many broadband routers and firewalls are just NAT-based packet-filtering routers providing a degree of privacy but they typically lack advanced firewall features such as stateful packet inspection SPI proxying of data or deep packet inspection. Figure 5-1 shows the NAT process. Figure 5-1. How NAT Works View full size image The steps numbered in Figure 5-1 can be further explained as follows 1. The client initiates a connection to an external host HostB . 2. The broadband router firewall receives the request and translates the request from the internal IP address to the address of the router firewall s external interface. The router firewall keeps track of this translation in a translation table. 3. The packets are delivered to the external destination HostB which believes that the packets originated from the external IP address of the router firewall. The external host HostB responds accordingly to the external IP address of the router firewall. 4. When the router firewall receives the response from the external host it checks its translation table for a matching outbound request. 5. If it finds one the router firewall repackages the packet and delivers it to the internal host HostA which thinks that the response is from the external host HostB . In addition most broadband routers firewalls are designed not to permit any unsolicited packets from an external host to be

Bấm vào đây để xem trước nội dung
TÀI LIỆU MỚI ĐĂNG
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.