Allow or disallow traffic based on different factors, such as source and destination IP, port number, time of day, application, etc.
"Don't allow video streaming traffic from 192.169.1.0 past 5 PM or on weekends"
Firewall security policies are a more expressive form of ACL: they combine several of these factors in a single rule, allowing very specific, fine-grained security control
Firewall rules are processed in order, usually from top to bottom, and the first rule that matches decides what happens to the traffic. Generally, more specific rules are placed at the top and more general rules at the bottom, so that a narrow exception is evaluated before the broad rule it carves out of (if the general rule came first, it would shadow the specific one)
Example:
| Rule Number | Remote IP | Remote Port | Local Port | Protocol | Action |
|---|---|---|---|---|---|
| 1 | All | Any | 22 | TCP | Allow |
| 2 | All | N/A | N/A | ICMP | Deny |
(ICMP has no port numbers, so the port columns do not apply to rule 2.)
If traffic doesn't match any rule, it is denied by default. This is known as the implicit deny: conceptually, a deny-all rule sitting at the very bottom of the list
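As an added example (not from the original notes), here is a small Python model of the rule processing just described: the two rows of the table, plus the quoted video-streaming policy written as a specific time-bound deny placed above a general allow for the same traffic. The /24 mask on 192.169.1.0, the application label "video-streaming", the sample packets and all function names are assumptions for illustration, not any vendor's rule syntax.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime
from typing import Callable, Optional


@dataclass
class Rule:
    """One row of the rulebase. None means 'All'/'Any' (wildcard)."""
    number: int
    action: str                        # "allow" or "deny"
    remote_net: Optional[str] = None   # CIDR, e.g. "192.169.1.0/24" (assumed mask)
    remote_port: Optional[int] = None
    local_port: Optional[int] = None
    protocol: Optional[str] = None     # "tcp", "udp", "icmp"
    application: Optional[str] = None  # application-layer label (assumed)
    when: Optional[Callable[[datetime], bool]] = None  # time-of-day predicate


@dataclass
class Packet:
    remote_ip: str
    protocol: str
    remote_port: Optional[int] = None
    local_port: Optional[int] = None
    application: Optional[str] = None
    time: datetime = datetime(2024, 1, 1, 12, 0)  # Monday noon (constructed default)


def matches(rule: Rule, pkt: Packet) -> bool:
    """Every field the rule specifies must match; unspecified fields are wildcards."""
    if rule.remote_net is not None and \
            ipaddress.ip_address(pkt.remote_ip) not in ipaddress.ip_network(rule.remote_net):
        return False
    if rule.protocol is not None and rule.protocol != pkt.protocol:
        return False
    if rule.remote_port is not None and rule.remote_port != pkt.remote_port:
        return False
    if rule.local_port is not None and rule.local_port != pkt.local_port:
        return False
    if rule.application is not None and rule.application != pkt.application:
        return False
    if rule.when is not None and not rule.when(pkt.time):
        return False
    return True


def evaluate(rules: list[Rule], pkt: Packet) -> tuple[str, Optional[int]]:
    """Walk the list top to bottom; the first matching rule wins.
    Falling off the end is the implicit deny, reported with rule number None."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule.number
    return "deny", None


def after_5pm_or_weekend(t: datetime) -> bool:
    return t.hour >= 17 or t.weekday() >= 5   # weekday(): Mon=0 ... Sun=6


# Rules 1 and 2 are the table rows. Rules 3 and 4 encode the quoted policy:
# the specific, time-bound deny sits above the general allow for the same traffic.
RULES = [
    Rule(1, "allow", local_port=22, protocol="tcp"),
    Rule(2, "deny", protocol="icmp"),
    Rule(3, "deny", remote_net="192.169.1.0/24", application="video-streaming",
         when=after_5pm_or_weekend),
    Rule(4, "allow", remote_net="192.169.1.0/24", application="video-streaming"),
]

# Same rules with 3 and 4 swapped: the general allow now shadows the specific deny.
MISORDERED = [RULES[0], RULES[1], RULES[3], RULES[2]]

# Constructed sample traffic.
SSH = Packet("203.0.113.9", "tcp", remote_port=51000, local_port=22)
PING = Packet("203.0.113.9", "icmp")
VIDEO_NOON = Packet("192.169.1.5", "tcp", remote_port=40000, local_port=443,
                    application="video-streaming")
VIDEO_6PM = Packet("192.169.1.5", "tcp", remote_port=40000, local_port=443,
                   application="video-streaming", time=datetime(2024, 1, 1, 18, 0))
VIDEO_SAT = Packet("192.169.1.5", "tcp", remote_port=40000, local_port=443,
                   application="video-streaming", time=datetime(2024, 1, 6, 12, 0))
DNS = Packet("203.0.113.9", "udp", remote_port=5353, local_port=53)

if __name__ == "__main__":
    for name, pkt in [("ssh", SSH), ("ping", PING), ("video noon", VIDEO_NOON),
                      ("video 6pm", VIDEO_6PM), ("video sat", VIDEO_SAT), ("dns", DNS)]:
        print(f"{name:11} -> {evaluate(RULES, pkt)}")
    print("video 6pm, misordered ->", evaluate(MISORDERED, VIDEO_6PM))
```

The DNS packet is the implicit-deny case: no rule mentions UDP/53, so the walk falls off the end and the packet is dropped without any explicit deny rule. Evaluating the 6 PM video packet against MISORDERED shows why ordering matters: with the general allow above the specific deny, the weekday-evening restriction is never reached.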
Allow or restrict traffic based on the Uniform Resource Locator (URL) or, more generally, the Uniform Resource Identifier (URI) being requested
We can manage access to sites based on category, such as auction sites, travel sites, etc.
Often integrated into a next-generation firewall (NGFW)
Data loss prevention (DLP): software that monitors data being sent over a network for sensitive information, such as payment card or personal data, and blocks that traffic from leaving the network
NSFW filters, parental controls, anti-virus, and anti-malware software provide a type of content filtering
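The monitoring described above is what a DLP engine does on outbound traffic. As an added example (not from the original notes), here is a minimal content inspector in Python: it scans payloads for card-number-shaped digit runs, discards candidates that fail the Luhn check so that tracking and order numbers are not blocked as false positives, and also flags a classification marker. The sample messages and the marker words are constructed for this example; 4111 1111 1111 1111 and 4012 8888 8888 1881 are widely published test card numbers, not real accounts.

```python
import re

# Candidate PAN: 13 to 19 digits, optionally separated by single spaces or hyphens,
# with no further digit immediately before or after the run.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
MARKERS = ("CONFIDENTIAL", "INTERNAL ONLY")   # assumed classification labels


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, subtract 9 if > 9."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list[str]:
    """Return masked PANs found in text; Luhn failures are dropped as noise."""
    found = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_ok(digits):
            # keep first 6 and last 4 so the log entry itself does not leak the PAN
            found.append(digits[:6] + "*" * (len(digits) - 10) + digits[-4:])
    return found


def inspect_payload(payload: str) -> dict:
    """DLP verdict for one outbound message: block if anything sensitive is found."""
    findings = [f"pan:{pan}" for pan in find_card_numbers(payload)]
    findings += [f"marker:{m}" for m in MARKERS if m in payload.upper()]
    return {"action": "block" if findings else "pass", "findings": findings}


# Constructed sample traffic.
SAMPLES = [
    "Invoice 2231 paid with card 4111 1111 1111 1111, thanks!",   # valid-looking PAN
    "Your parcel tracking number is 1234567890123456",             # 16 digits, fails Luhn
    "Attached: Q3 roadmap (CONFIDENTIAL), please do not forward",  # classification marker
    "Lunch at 12:30?",                                             # clean
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(inspect_payload(s))
```

The Luhn step is what separates a usable DLP rule from one that blocks every invoice number: the 16-digit tracking number in the second sample is shaped like a card number but fails the checksum, so it passes.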
A separate area of your network that visitors can access over the internet, allowing public access to public materials, such as web servers, while keeping private data on the internal network inaccessible. This segment is commonly called a DMZ (demilitarized zone) or screened subnet
Zone-based security: more flexible, and easier to keep secure, than writing policy directly against IP address ranges
The network is separated into zones, for example a trusted (internal) zone and an untrusted (internet-facing) zone, and each interface or address range is assigned to a zone
Security policies then reference the zones rather than individual addresses, for example whether, and in which direction, the trusted and untrusted zones are allowed to communicate; adding a subnet to a zone automatically brings it under that zone's policy
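As an added example (not from the original notes), here is the zone idea in Python: addresses are classified into zones by longest matching prefix, and policy is a table keyed by (source zone, destination zone) with anything unlisted falling to the implicit deny. The zone names, networks and function names are assumptions for illustration; the DMZ uses the documentation range 192.0.2.0/24.

```python
import ipaddress

# Zone membership: a zone is a named set of networks (assumed layout).
ZONES = {
    "trusted": ["10.0.0.0/8"],
    "dmz": ["192.0.2.0/24"],
    "untrusted": ["0.0.0.0/0"],   # everything not claimed by a more specific zone
}

# Zone-pair policy: (source zone, destination zone) -> action.
# Pairs that are absent fall to the implicit deny.
POLICY = {
    ("trusted", "trusted"): "allow",
    ("trusted", "dmz"): "allow",
    ("trusted", "untrusted"): "allow",
    ("untrusted", "dmz"): "allow",     # the public may reach the public servers
    # ("untrusted", "trusted") and ("dmz", "trusted") are deliberately absent:
    # the internet cannot reach the inside, and a compromised DMZ host cannot pivot inward.
}


def zone_of(ip: str) -> str:
    """Map an address to a zone by longest matching prefix."""
    addr = ipaddress.ip_address(ip)
    best_zone, best_len = "untrusted", -1
    for zone, nets in ZONES.items():
        for cidr in nets:
            net = ipaddress.ip_network(cidr)
            if addr in net and net.prefixlen > best_len:
                best_zone, best_len = zone, net.prefixlen
    return best_zone


def decide(src_ip: str, dst_ip: str) -> tuple[str, str, str]:
    """Classify both ends into zones, then look up the zone pair."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    return src_zone, dst_zone, POLICY.get((src_zone, dst_zone), "deny")


def add_network(zone: str, cidr: str) -> list[str]:
    """Grow a zone. The policy table is untouched, which is the point of zones."""
    ipaddress.ip_network(cidr)        # validate before storing
    ZONES[zone].append(cidr)
    return ZONES[zone]


if __name__ == "__main__":
    print(decide("10.1.2.3", "203.0.113.7"))    # ('trusted', 'untrusted', 'allow')
    print(decide("203.0.113.7", "10.1.2.3"))    # ('untrusted', 'trusted', 'deny')
    print(decide("203.0.113.7", "192.0.2.10"))  # ('untrusted', 'dmz', 'allow')
    print(decide("192.0.2.10", "10.1.2.3"))     # ('dmz', 'trusted', 'deny')
    print(decide("172.16.5.5", "203.0.113.7"))  # ('untrusted', 'untrusted', 'deny')
    add_network("trusted", "172.16.0.0/12")     # a new office subnet joins the zone...
    print(decide("172.16.5.5", "203.0.113.7"))  # ...('trusted', 'untrusted', 'allow')
```

The last two calls show the flexibility claim concretely: before 172.16.0.0/12 is added to the trusted zone, a host in it is just another untrusted address and gets nothing; after the one-line zone change it inherits every trusted-zone rule, with no edit to the policy table.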