Different firewall architectures and techniques provide different correlation of performance vs. security. When considering alternative firewall technologies, a common question is "what are the trade-offs between performance and security" (Cisco Systems, 2002) To answer to this question, various firewall architectures should be regarded and analysed.
Various aspects of network security are explored, such as security policy, bastion host, packet filter, proxy server, network address and architecture. (Technology Investigation Center, 2002) There are four main generations of firewall architectures: packet filters, circuit level firewalls, application layer firewalls and dynamic packet filters. Also a number of firewall products exist from various producers.
A variety of network threats exist, such as network packet sniffers, IP spoofing, password attacks, denial-of-service attacks or application layer attacks. Therefore network administrators are working hard to protect their networks using various tools that help them to test and improve network security. Firewall takes the central place among such tools restricting access between a protected (internal) network and the Internet or other networks.
One of the most important problems using firewall is its ability to resist network attacks. ...