I know about the various kinds of f.walls: packet filters, circuit level gateways, application level gateways and tasteful multilayer inspection firewalls. The question I have is this:
When someone says, 'There's our gateway' does that mean that it is included in one of these types of firewalls? In other words, are there gateways that are not firewalls at all. Or does the word gateway imply that it is some type of firewall...
Thanks Jason Shohet
"tasteful"... I like it. But I think you mean 'stateful'.
A lot of technical terms are derived from the normal use of the language. If you look at a dictionary for the word 'gateway', you find
gate-way n 1. A structure, as an arch, framing an entrance that may be closed by a gate. 2. Something that serves as an entrance or means of access. (American Heritage Dictionary of the English Language)
gate-way n : way in or out. (Webster's New Dictionary of the English Language)
Several other dictionaries (for example: Webster's Ninth New Collegiate Dictionary, Webster's Universal Dictionary) have nearly identical definitions. Going to a technical dictionary, you can see the relationship:
Gateway The technical meaning is a hardware or software set-up that translates between two dissimilar protocols, for example America Online has a gateway that translates between its internal, proprietary e-mail format and Internet e-mail format. Another, sloppier meaning of gateway is to describe any mechanism for providing access to another system, e.g. AOL might be called a gateway to the Internet.
Most common
No. All it is is a thing that allows you to go from one place to another - it's an access mechanism. Think of a park. You get in or out through a gateway, rather than (perhaps) going through a fence or wall.
NOT WITHSTANDING THE ABOVE, it is not uncommon for access controls to be available (and for the home user - often applied). For example, the gateway to DisneyLand will let you in to the park only after you pay the required entry fees. No pay = no entry. Does that make it a firewall?
Our gateway has routing rules that direct packets with RFC3330 addresses (Special-Use IPv4 Addresses) as source or destination to the bit-bucket. The system at our upstream that connects their backbone to the wire that leads to our facility drops packets with any of 135 protocols _other_than_ TCP/UDP/ICMP (there's a number of other worlds besides them), UDP packets with destination port numbers in the 1024 to 1100 range (messenger spam), and certain ICMP types. (The rules are a lot more complex than that - I'm only talking concepts here.) This is more to reduce unwanted or unusable traffic over the wire than to prevent access to our network.
Old guy
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.