Stealth Firewall Advantages

Advantages of a Stealth Firewall




The advantages of the bridge, and thus of the stealth firewall, are considerable. First, the bridging firewall functions at Layer 2 of the network stack rather than at Layer 3, which is the typical layer for a firewall. This provides a way to filter on MAC addresses rather than IP addresses. MAC addresses are like individual fingerprints on each network interface. When the network interface is built, a unique hex code is burned into each network card. This fingerprint enables a secure method of tracking network traffic.

Secondly, in a bridge the two network interfaces that join the network are not assigned IP addresses, which creates a more secure firewall. This security is based on the fact that an attacker cannot formulate an attack against a specific IP address of the bridge. You can assign an IP address to the bridge itself (not to its network interfaces), which enables you to configure the bridge remotely.

Third, the bridge is transparent. Users will never even know that it exists. An attacker will not be aware that it exists either, and will therefore have difficulty launching an attack against the rest of the network.

The fourth advantage is that the bridging firewall can be placed anywhere in your network without making any changes. Just connect the two network interfaces and it works! Take the bridge out and the network never knows.

Fifth, because bridges do not route, there is less overhead for the operation. Bridges filter packets like a firewall but do not route packets between networks.

The final advantage of a bridge is that you can run both an iptables firewall and an ebtables firewall, filtering at both the MAC address and the IP address levels.
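
The following script is an added example, not part of the original lesson. It combines the points above: two bridge ports without IP addresses, an optional management address on the bridge itself, ebtables filtering by MAC address and iptables filtering by IP connection state. The interface names (`eth0`, `eth1`, `br0`), the MAC addresses and the policy (only listed inside hosts may start connections) are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the original lesson. Interface names, MAC addresses
# and the policy itself are constructed assumptions; adjust before use.
OUTSIDE_IF=${OUTSIDE_IF:-eth0}     # port facing the untrusted side
INSIDE_IF=${INSIDE_IF:-eth1}       # port facing the protected hosts
BRIDGE=${BRIDGE:-br0}
MGMT_ADDR=${MGMT_ADDR:-}           # optional, e.g. 192.0.2.10/24, set on the bridge only
ALLOWED_MACS="${ALLOWED_MACS:-02:00:00:00:00:0a 02:00:00:00:00:0b}"

# Print the setup commands, one per line, so the rule set can be reviewed first.
bridge_fw_commands() {
    echo "ip link add name $BRIDGE type bridge"
    for port in "$OUTSIDE_IF" "$INSIDE_IF"; do
        echo "ip addr flush dev $port"              # ports carry no IP address
        echo "ip link set dev $port master $BRIDGE"
        echo "ip link set dev $port up"
    done
    echo "ip link set dev $BRIDGE up"
    if [ -n "$MGMT_ADDR" ]; then                    # remote administration address
        echo "ip addr add $MGMT_ADDR dev $BRIDGE"
    fi
    # Layer 2 (ebtables): only known MAC addresses may send frames from the inside port.
    for mac in $ALLOWED_MACS; do
        echo "ebtables -A FORWARD -i $INSIDE_IF -s $mac -j ACCEPT"
    done
    echo "ebtables -A FORWARD -i $INSIDE_IF -j DROP"
    # Layer 3 (iptables): bridged frames reach iptables only with br_netfilter loaded.
    echo "modprobe br_netfilter"
    echo "sysctl -w net.bridge.bridge-nf-call-iptables=1"
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -m physdev --physdev-in $INSIDE_IF -j ACCEPT"
}

# Run the printed commands as root, stopping at the first failure.
apply_bridge_fw() {
    bridge_fw_commands | sh -e
}

# Default is a dry run; set APPLY=1 to change the running system.
if [ "${APPLY:-0}" = 1 ]; then
    apply_bridge_fw
else
    bridge_fw_commands
fi
```

Without `APPLY=1` the script only prints the commands, which makes the Layer 2 and Layer 3 rule sets easy to review side by side.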


 

Copyright CyberMontana Inc. and BeginLinux.com
All rights reserved. Cannot be reproduced without written permission. Box 1262 Trout Creek, MT 59874