What are application and session layer firewalls?

Session layer firewalls operate at the session layer and are commonly also known as circuit level gateways or circuit level firewalls.

Session layer firewalls operate at the session layer of the OSI reference model and use NAT to protect internal systems from outside attackers.

The protection provided by this kind of firewall is basic and relies on source/destination IP addresses and port numbers.

Session layer firewalls are not able to detect high-level attacks or breach attempts that occur at the application layer.

This means that users on either the outside or the inside could get through a session layer firewall by running standard applications on non-standard ports. For example, someone who wants to connect to a telnet server across the firewall could change the port to 80, and the firewall would not pick up on it: port 80 is a standard port, the traffic is seemingly web traffic, and so it would be allowed.

Effectively, session layer firewalls are nothing but access lists similar to those found in routers, and they are easy to bypass.

Application layer firewalls, on the other hand, can act as a proxy in either or both directions, and can therefore protect the resources from the users and the users from the resources.

In effect, an application layer firewall mediates the traffic between the source and the destination, which gives it a better view of the traffic passing through the firewall.

Application layer firewalls can also be used to publish a server on the LAN, making it internet facing while providing the optimum level of security that it deserves.

Users on the internet visit the published port on the firewall, where the traffic is scanned and then passed on to the server.

Application layer firewalls can be made more aware by building more stringent security functions onto them and giving them the ability to scan deeper into the packets that are travelling across. This gives administrators far more visibility into the traffic passing across the firewall and lets them refine the rules based on any new requirements.
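
The telnet-on-port-80 case described above, as an added example that is not part of the original article: a port-only decision is compared with a proxy-style check that requires the first client bytes to look like an HTTP request. The rule set, function names and sample flows are assumptions constructed for illustration.

```python
import re

# Assumed rule set for this example: the only permitted flow is TCP to port 80.
ALLOWED_PORTS = {("tcp", 80)}

# First line of an HTTP/1.x request, e.g. b"GET / HTTP/1.1\r\n".
HTTP_REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|PATCH|TRACE|CONNECT) \S+ HTTP/1\.[01]\r\n"
)
TELNET_IAC = b"\xff"  # Telnet "Interpret As Command" byte (RFC 854)


def session_layer_decision(proto, dst_port):
    """Circuit-level check: looks only at protocol and port, never the payload."""
    return "allow" if (proto, dst_port) in ALLOWED_PORTS else "deny"


def application_layer_decision(proto, dst_port, first_bytes):
    """Proxy-style check: the payload must match the protocol the port implies."""
    if session_layer_decision(proto, dst_port) == "deny":
        return "deny"
    if HTTP_REQUEST_LINE.match(first_bytes):
        return "allow"
    if first_bytes.startswith(TELNET_IAC):
        return "deny: telnet negotiation on HTTP port"
    return "deny: payload is not HTTP"


# Constructed sample flows: (label, protocol, destination port, first client bytes).
SAMPLE_FLOWS = [
    ("web request", "tcp", 80,
     b"GET /index.html HTTP/1.1\r\nHost: www.example.test\r\n\r\n"),
    ("telnet moved to port 80", "tcp", 80, b"\xff\xfb\x18\xff\xfb\x1f"),
    ("telnet on its usual port", "tcp", 23, b"\xff\xfb\x18\xff\xfb\x1f"),
]


def compare(flows=SAMPLE_FLOWS):
    """Return {label: (session-layer verdict, application-layer verdict)}."""
    return {
        label: (session_layer_decision(p, port),
                application_layer_decision(p, port, data))
        for label, p, port, data in flows
    }


if __name__ == "__main__":
    for label, verdicts in compare().items():
        print(f"{label:26} session={verdicts[0]:6} application={verdicts[1]}")
```

Only the second flow is judged differently by the two checks: the port-based rule allows it, while the payload check denies it because the bytes are telnet option negotiation rather than an HTTP request line.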

