Firewall Servers Turnkey Network Appliances
Contact Us                                            
Home Products Products Employment Links Site Map



Technical Specifications 

iSentryIII Specs

iSentryIII Prices

iSentryIII FAQ










          What are firewall appliances and why are they needed?

[what is a firewall appliance?] [basic firewall technology]
 [firewall appliance and firewall software]

Content Filtering Firewall Products from Firewall Servers

Full product descriptions of turnkey filtering firewall appliances can be found at  NEW PRODUCTS. New lower prices are located at  PRICING.

What is a firewall appliance?

First, let us define a firewall. A firewall is a system or group of systems utilized to enforce access control between two network entities. This can be accomplished in a variety of ways but fundamentally the firewall is a pair of mechanisms: the first exists only to block traffic and the second one exists to permit traffic. It allows people inside the organization, behind the firewall, to access information on the outside and prevents people on the outside from getting into the user's system. The singular most important aspect of a firewall is to allow the System Administrator to easily implement an access control policy.

The Internet has become, in many ways, a mirror of society. Within our society there is a segment of jerks, malcontents and rip-off artist who delight in spray painting other people's walls, knocking down stop signs and mail boxes and perpetrate all manners of scams such as credit card fraud and embezzlement. All of these, and more, has become a routine part of the Internet society. Web sites are defaced, phony misleading press releases are issued to manipulate stock prices and large databases of credit card numbers are broken into for fun and profit. A firewall is the first line of defense against the cyberpunks attempting to rip the fabric of the Internet society.

A firewall appliance is a dedicated hardware and software system whose sole purpose is to function as the implementer of the defined access control policy. A fully featured firewall appliance will include NAT (Network Address Translation), DMZ (De-Militarized Zone), VPN (Virtual Private Network), Intrusion Detection and extensive audit logging with alarm condition detection and reporting. Content Filtering can be a highly desirable option to prevent pornography and specific non-work related web sites from being accessed.

In the most ideal of situations, the firewall appliance should be as ubiquitous as a telephone: take it out of the box, plug it in and use it. The real world is not so utopian due to the large variety of options for blocking or passing data in or out of the network as well as all of the network specific information. At its worst, the time to properly configure a firewall can be measured in hours. At its best, like the iSentryII Appliance, much of the configuration will be performed at the factory prior to shipment, requiring only minutes for final configuration.

[return to top]

Basic firewall technology.

A firewall is generally a software package or a combination of hardware and software and typically consists of several layers of protection designed to intercept and prevent penetration by intruders. Today there are three basic types of firewalls.

  1. The simplest type is known as a screening router or packet filter firewall. This approach screens every packet for content and decides whether to pass through or deny access. This approach provides the very minimum of security and is easily broached by sophisticated intruders who can falsify or spoof a packet so that it appears to come from a legitimate source.

  2. A second firewall approach utilizes a technique known as stateful inspection. This approach is more adept than packet filtering at preventing spoofing by comparing patterns of arriving data with data from previously accepted packets.

  3. The third and generally accepted as the most secure approach is known as the proxy server. The proxy server sits between the internal network and all locations outside the network and does not allow direct traffic to pass directly through. The proxy server changes the IP address of the user from anyone outside of the firewall. When an internal user access an external web site the source IP address on the outbound HTTP packet appears as the address of the firewall and not that of the originator. When an external data packet arrives at the firewall, the application software examines and evaluates the packet's IP address and content, compares it with the firewall appliance's rule set to verify whether it complies with the pre-defined security policies.

[return to top]

Firewall appliance software and applications.

Unlike firewall software packages that are loaded on to an existing server, a firewall appliance is a dedicated stand-alone hardware and software solution. The firewall appliance mediates traffic between the Internet and the user's protected networks. The iSentryII firewall appliance is rule driven and must understand each of the application protocols that are allowed by the user's security policy. An example of protocol-specific security could be a configuration that permits incoming FTP but would block outbound FTP.

[return to top]


[Home | Products |
Limited Warranty | FAQ | Employment | Links | Site Map | Contact Us]
[What are Firewall Software & Appliances? ]
[Network Security Software & Appliances | Content Filtering]

Firewall Servers

E-mail: |

Terms of Use. Copyright 2012  All rights reserved.

                                                                                                  iSentry, iSentryII, iSentryIII, iSOHO and Engima Firewall are trademarks of Firewall Servers

            All other trademarks and copyright notices belong to their respective owners.