.. include:: global.rst

***********************************
Chapter 5: Firewall Fundamentals
***********************************

Overview
========

Firewalls are security devices that enforce network security policies by filtering incoming and outgoing traffic.

Core Concept
============

- Operate under the model: "Deny by default, allow by exception"
- Only explicitly permitted traffic is allowed.
- All other traffic is blocked.

Traditional Firewalls
=====================

- Filter traffic based on:

  - IP addresses
  - Ports
  - Protocols

- Limited visibility into application-layer traffic.
- Cannot deeply inspect content.

Types of Firewalls
==================

Software Firewalls
------------------

- Installed on individual systems.
- Protect a single device.

Hardware Firewalls
------------------

- Physical appliances.
- Protect entire networks.

SOHO / Individual Firewalls
----------------------------

- Designed for small office/home office environments.
- Often integrated into routers.

Next-Generation Firewalls (NGFWs)
==================================

Definition
----------

NGFWs combine traditional firewall capabilities with advanced security features.

Key Features
------------

- Intrusion Prevention System (IPS)
- Application awareness and control
- Deep packet inspection
- VPN support
- Integrated security services

Advantages
----------

- Consolidated security functions
- Improved visibility into traffic
- Better protection against modern threats

Disadvantages
-------------

- Increased complexity
- Higher cost
- Potential single point of failure

Firewall Configuration Concepts
================================

Port Forwarding
---------------

- Redirects traffic from one port to another internal system.

Filtering Strategies
---------------------

Ingress Filtering

- Filters incoming traffic.

Egress Filtering

- Filters outgoing traffic.

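
The sketch below is an added example, not part of the original chapter. It models the "deny by default, allow by exception" rule from Core Concept as a traditional IP/port/protocol filter with separate ingress and egress rules. The names ``Rule``, ``Packet``, ``ALLOW`` and ``decide``, the LAN layout and all addresses are constructed for illustration.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple

class Rule(NamedTuple):
    direction: str  # "ingress" or "egress"
    proto: str      # "tcp" or "udp"
    src: str        # source network, CIDR
    dst: str        # destination network, CIDR
    dport: int      # destination port

class Packet(NamedTuple):
    direction: str
    proto: str
    src: str        # source address
    dst: str        # destination address
    dport: int

# Constructed allow-list for a hypothetical LAN 10.0.0.0/24 (documentation ranges).
ALLOW = [
    Rule("ingress", "tcp", "0.0.0.0/0", "10.0.0.10/32", 443),      # public HTTPS, one server
    Rule("ingress", "tcp", "198.51.100.0/24", "10.0.0.0/24", 22),  # SSH from admin range only
    Rule("egress", "udp", "10.0.0.0/24", "192.0.2.53/32", 53),     # DNS to approved resolver
    Rule("egress", "tcp", "10.0.0.0/24", "0.0.0.0/0", 443),        # outbound HTTPS
]

def matches(rule: Rule, pkt: Packet) -> bool:
    """True when direction, protocol, port and both addresses fit the rule."""
    return (rule.direction == pkt.direction
            and rule.proto == pkt.proto
            and rule.dport == pkt.dport
            and ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst))

def decide(pkt: Packet, rules=ALLOW) -> str:
    """Allow by exception: only an explicit rule match passes; the default is deny."""
    return "allow" if any(matches(r, pkt) for r in rules) else "deny"

# Constructed sample traffic.
SAMPLE = [
    Packet("ingress", "tcp", "203.0.113.7", "10.0.0.10", 443),   # matches public HTTPS
    Packet("ingress", "tcp", "203.0.113.7", "10.0.0.10", 22),    # SSH from outside admin range
    Packet("ingress", "tcp", "198.51.100.20", "10.0.0.10", 22),  # SSH from admin range
    Packet("egress", "udp", "10.0.0.25", "192.0.2.53", 53),      # DNS to approved resolver
    Packet("egress", "udp", "10.0.0.25", "203.0.113.99", 53),    # DNS to another resolver
    Packet("egress", "tcp", "10.0.0.25", "203.0.113.99", 25),    # outbound SMTP, no rule
]

if __name__ == "__main__":
    for pkt in SAMPLE:
        print(decide(pkt), pkt)
```

With an empty rule list every packet is denied, which is the behaviour a new firewall should have before any exceptions are written.
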
Decision-Making Considerations
==============================

When evaluating firewall options, consider:

- Organization size
- Security needs
- Budget
- Management complexity
- Risk tolerance

NGFWs are often better for larger organizations with advanced security needs, while traditional firewalls may be sufficient for smaller, less complex environments.