Overview

A firewall blocks unauthorized Internet access to a protected network while allowing internal network users to access the Internet through WWW, or to send and receive e-mails. A firewall can also be used to control access to the Internet, for example, to permit only specific hosts within the organization to access the Internet. Many of today's firewalls offer additional features, such as identity authentication and encryption.

Another application of firewall is to protect the mainframe and important resources (such as data) on internal networks. Any access to protected data is filtered by the firewall, even if the access is initiated by a user within the internal network.

The device mainly implements three categories of firewalls:

• ACL based packet filter

• Application Specific Packet Filter (ASPF)

• Address translation

This chapter focuses on ACL packet-filter firewall and ASPF. For more information about address translation, see HPE FlexNetwork MSR Router Series Comware 5 Layer 3—IP Service Configuration Guide.