What is a Packet Filter?
A packet filter is, at its most basic, a firewall that protects networked computers from unwanted traffic from outside sources, namely the Internet. For the record, packet filter is the name of the application, a type of IP filter so named in the Berkeley Software Distribution (BSD) naming conventions. The packet filter acts as a network policeman, examining any and all traffic directed at the network before that traffic ever gets anywhere close to the network. Think of the packet filter in terms of the guard tower outside the moat that surrounds the castle. The packet filter serves the role of both moat and guard tower, since most packet filter procedures involve more than one layer of security. The packet filter also works in reverse, serving as a gatekeeper that keeps “dangerous” traffic from leaving the network. An apt analogy here would be the Great Wall of China, which was built both to keep invading barbarians out and to keep dissident Chinese in. The “dangerous” tr
Simply put, a packet filter allows or denies the passage of traffic between networks based on the header information in each packet. That header information includes the source address, destination address, port or service, and some other fields that the device can use in establishing rule sets that allow or deny packets into a given network. A Cisco router could be configured using Access Control Lists to filter certain types of traffic. This process is often referred to as Static Packet Filtering.

There are some advantages of static packet filtering, which include:
· Low Overhead / High Throughput
· Inexpensive or Free
· Easy to manage network traffic

Some of the disadvantages in using static packet filtering are:
· Allows a direct connection to internal hosts by external clients
· Permanently leaves holes open in your network perimeter
· Quickly becomes unmanageable when used in complex enviro
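
The static, header-only decision described above, as an added example that is not part of the original page: a first-match rule evaluator with an implicit deny, run over constructed packets. The names Packet, Rule, evaluate and INBOUND, the 10.0.0.0/24 internal network and all addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Packet:              # only header fields; a static filter sees nothing else
    src: str
    dst: str
    proto: str
    sport: int
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                               # "permit" or "deny"
    src: str                                  # source network (CIDR)
    dst: str                                  # destination network (CIDR)
    proto: str
    sport: Optional[Tuple[int, int]] = None   # inclusive range, None = any
    dport: Optional[Tuple[int, int]] = None

    def matches(self, p: Packet) -> bool:
        def in_net(addr, net):
            return ipaddress.ip_address(addr) in ipaddress.ip_network(net)
        def in_ports(port, rng):
            return rng is None or rng[0] <= port <= rng[1]
        return (p.proto == self.proto and in_net(p.src, self.src)
                and in_net(p.dst, self.dst)
                and in_ports(p.sport, self.sport) and in_ports(p.dport, self.dport))

def evaluate(rules, packet) -> str:
    """First matching rule wins; a packet no rule matches is denied."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return "deny"

# Constructed inbound rule set for a hypothetical internal network 10.0.0.0/24.
INBOUND = [
    Rule("permit", "0.0.0.0/0", "10.0.0.10/32", "tcp", dport=(25, 25)),   # mail server
    # Lets replies to outbound web requests back in. It is a permanent hole:
    # it matches on headers alone, with no record of who opened a connection.
    Rule("permit", "0.0.0.0/0", "10.0.0.0/24", "tcp", sport=(80, 80), dport=(1024, 65535)),
]

if __name__ == "__main__":
    reply = Packet("198.51.100.7", "10.0.0.50", "tcp", 80, 40000)        # answer to a request
    unsolicited = Packet("203.0.113.9", "10.0.0.50", "tcp", 80, 40001)   # nobody asked for it
    other = Packet("203.0.113.9", "10.0.0.50", "tcp", 51000, 22)         # no rule matches
    for name, pkt in [("reply", reply), ("unsolicited", unsolicited), ("other", other)]:
        print(name, evaluate(INBOUND, pkt))
```

The reply and the unsolicited packet receive the same verdict because the filter keeps no connection state, which is the direct-connection and open-hole disadvantage listed above.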