Research Blog 3 – Firewall Features

Kristin's picture
Submitted by Kristin on Thu, 04/16/2009 - 12:00

In this blog, I wanted to look specifically at the firewall features for a router. The routers we’re comparing support several different kinds of firewall features, so I wanted to be sure we had information on the differences of each of them for the introduction.

• Network Address Translation (NAT)
A HowStuffWorks article (found here http://computer.howstuffworks.com/nat.htm) explains that NAT is a firewall that allows a group of computers to use a single IP address. Because of the growing size of the internet, all available IP addresses are being used, and the new system (IPv6) isn’t entirely implemented yet.

There are two kinds of NAT, dynamic and static. Dynamic NAT, which maps a private IP address to a public IP from a group of IP addresses, essentially places a firewall between your computer and outside networks. This prevents someone else from connecting to your computer through your IP address.

• Stateful Packet Inspection (SPI)
I found another article (found here http://www.zen.co.uk/Broadband/buyhardware/stateful-vs-deep-packet-inspe...) to explain this firewall, which works by looking at incoming information from the Internet and making sure that it belong to a “valid session.” The article goes on to explain that SPI only controls the incoming information and cannot protect against attacks from spyware, adware or Trojan viruses.

• Virtual Private Network (VPN) Pass-through
An article from Home net help (found here http://www.homenethelp.com/vpn/) explains that a VPN is a private connection ”between two or more devices” on the Internet. Some broadband routers can run more than one VPN session at once.

The article warns that using VPNs requires a lot of processor speed, and when run through routers can be limited. It says most have a maximum VPN speed of around .6 Mbps. This might be a con for using this type of security if a customer needed more processing speed through this.

• Denial of Service (DoS or DDoS) protection
The first article on DoS protection (found here http://www.ddosprotection.com/article_3.htm) explains that DoS attacks attempt to flood users and thus, invoke bandwidth limits or simply “saturate” all the available bandwidth.
The second article (found here http://www.radware.com/Solutions/Enterprise/Security/DoSProtection.aspx) explains that these attacks essentially shut down the network functionally.

This information could either be used in the text of the introduction, or could also go into a table that summarizes the difference easily. I think this information also fits closely with security/protocols supports, so that will be what I need to look at next.