
Help me argue this Question/Answer so I can get an A on my test.

Dug

Diamond Member
Here's the question.

A ________ is a router that can examine every packet and can filter traffic based on specified policies.

a) Firewall
b) Router
c) Proxy Server
d) Hub


This question is verbatim from MS, and the answer from them is a) Firewall.

I picked b) Router, for the simple fact that I didn't know that a firewall is a router.

Now I know that inserting the word router wouldn't make the sentence grammatically correct. But I couldn't figure out how firewall was correct, with the word router in the question.

Can somebody that really knows please help. If I can argue why my answer would be more correct, then the teacher will change my score.
Although I understand the basic concepts behind the hardware, I don't know the specifics.
 
Heh, a, b, and c could all be correct 😛


Routers have access lists. Well some do. And they can block or allow traffic.
 
Well, a proxy isn't necessarily a router. It doesn't always send traffic between networks - Many real proxies have only one interface, in fact.

By definition, a router doesn't inspect packets, other than to look at the destination IP and forward it out the appropriate interface. Nearly all vendors offer packet filtering, like Cisco Access Lists, but that's above and beyond the standard router definition.

Unfortunately, the answer of Firewall is correct and the only one that fits the bill when the standard definition of the terms is used.

You could, however, argue that in the real world routers CAN apply access lists and filters to traffic. It's usually not true policy based, but that's beside the point.

By the way - MS (and many other) tests are often very ambiguous like this - Always think back to the textbook definition of each device then figure out the answer.

- G
 


<< Well, a proxy isn't necessarily a router. It doesn't always send traffic between networks - Many real proxies have only one interface, in fact. >>



How can a proxy PROXY with only 1 interface? I have never seen a proxy that does not sit between the user and whatever is being proxied...
 


<< Routers have access lists. Well some do. And they can block or allow traffic. >>



That's my problem, I don't know at what point a router becomes a router with firewall capabilities.
Or if a router actually examines every packet? Or if every router made already has some type of firewall capabilities.

And can a firewall actually route? Or be called a router? Does the fact that a firewall will forward packets mean that it's technically routing packets?

 


<<

<< Routers have access lists. Well some do. And they can block or allow traffic. >>



That's my problem, I don't know at what point a router becomes a router with firewall capabilities.
Or if a router actually examines every packet? Or if every router made already has some type of firewall capabilities.

And can a firewall actually route? Or be called a router? Does the fact that a firewall will forward packets mean that it's technically routing packets?
>>



Yes. My OpenBSD firewall machine at home routes (firewalls and NATs 😛) traffic from my internal LAN to the external INTERNET. So firewalls can route.
 
Thanks for the replies. But you guys aren't helping me 🙂
I guess I'll have to accept that B and ruin my A average.

 


<< Thanks for the replies. But you guys aren't helping me 🙂 >>



Tisk tisk, the information in the thread may not help this particular problem, but I do not see added information as a bad thing. It may not help you with this test, but it could help you in general 😉

Anyhow, firewalls are what generally filter packets, and routers can do it (in most situations), but this is really the job of the firewall. Let the router route and the firewall do uhhh firewall stuff 😛
 
I was just kidding about you guys not helping me.
I was hoping that the question was vague enough that it could be easily argued.
But my ignorance of hardware has obviously hindered my testing ability.
😉

But I do appreciate the input. I have learned more from these forums than the last 1 1/2 years of college.
 


<< How can a proxy PROXY with only 1 interface? I have never seen a proxy that does not sit between the user and whatever is being proxied... >>



It's quite common in large enterprises - Most of us don't trust the filtering capabilities of a proxy, and don't want it bypassing our firewalls and security policies. Traffic just goes in and out that one interface - Most of the big proxies are on the network at gigabit speeds, so there isn't a problem with traffic overloading a 100Mb/s link.

In fairness, to a big company a proxy is just another host on the network that does caching and internet access. In smaller organizations and SOHO's, proxies are often used in the double-interface mode, so you are correct in that manner. The double interface trick is really just a way of dealing with traffic and adding some security when a real firewall isn't there. The proxy doesn't require it - they work at the IP level and don't care about interfaces and routing.

- G
 


<<

<< How can a proxy PROXY with only 1 interface? I have never seen a proxy that does not sit between the user and whatever is being proxied... >>



It's quite common in large enterprises - Most of us don't trust the filtering capabilities of a proxy, and don't want it bypassing our firewalls and security policies. Traffic just goes in and out that one interface - Most of the big proxies are on the network at gigabit speeds, so there isn't a problem with traffic overloading a 100Mb/s link.

In fairness, to a big company a proxy is just another host on the network that does caching and internet access. In smaller organizations and SOHO's, proxies are often used in the double-interface mode, so you are correct in that manner. The double interface trick is really just a way of dealing with traffic and adding some security when a real firewall isn't there. The proxy doesn't require it - they work at the IP level and don't care about interfaces and routing.

- G
>>



Sidewinder and raptor are two of the best enterprise level firewalls, and both do proxying. In fact, sidewinder is VERY interesting with some of its capabilities 😛
And I'm not sure why a proxy would bypass a firewall, but it's interesting that they use it that way. I wouldn't have thought of it because it just seems ridiculous to me. But I'm weird like that 😉
 
It seems that combining Firewall and Proxy services into one product is a popular route these days, MS's ISA is pretty cool, as is Sidewinder.

I'm pretty sure that router isn't the correct answer because routers don't "examine every packet (the first criteria)" to the same extent that a firewall does. They certainly do look at the headers, but the datagram is not normally inspected, to my knowledge. Someone correct me if I am wrong. A firewall however, can be set to statefully examine the datagram of each packet (with much overhead!).

The question is tricky however, because both a router and firewall meet the second criteria of filtering traffic based on specified properties.

Almost all hardware Firewalls are routers. But not all routers are firewalls.
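
The distinction discussed in this thread, between a router's header-only access list and a firewall that examines traffic statefully, shown as an added example that is not part of any post here. The packet model, the internal prefix `10.0.0.` and the sample addresses are constructed assumptions.

```python
from collections import namedtuple

# Constructed packet model: only the header fields a filter would look at.
Packet = namedtuple("Packet", "src dst sport dport direction")

INSIDE = "10.0.0."        # assumed internal prefix (constructed)
WEB_PORTS = (80, 443)

def acl_permit(pkt):
    """Stateless access list: every packet is judged on its own headers."""
    if pkt.direction == "out":
        return pkt.dport in WEB_PORTS
    # Inbound: permit anything that merely looks like a web reply.
    return pkt.sport in WEB_PORTS and pkt.dst.startswith(INSIDE)

class StatefulFilter:
    """Tracks outbound flows; inbound traffic must match a known flow."""
    def __init__(self):
        self.flows = set()

    def permit(self, pkt):
        if pkt.direction == "out":
            if pkt.dport not in WEB_PORTS:
                return False
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # A reply reverses the source and destination of the original flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

def compare(packets):
    """Return (acl_decision, stateful_decision) for each packet in order."""
    fw = StatefulFilter()
    return [(acl_permit(p), fw.permit(p)) for p in packets]

# Constructed sample traffic.
SAMPLE = [
    Packet("10.0.0.5", "203.0.113.10", 40000, 80, "out"),   # client request
    Packet("203.0.113.10", "10.0.0.5", 80, 40000, "in"),    # genuine reply
    Packet("198.51.100.7", "10.0.0.9", 80, 3389, "in"),     # no outbound flow
]

if __name__ == "__main__":
    for pkt, (acl, fw) in zip(SAMPLE, compare(SAMPLE)):
        print(pkt, "acl:", acl, "stateful:", fw)
```

The third packet passes the access list because its headers match the "web reply" rule, while the stateful filter drops it because no inside host opened that connection.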
 
Don't forget, this is a MS question so you have to give the correct MS answer. Sometimes that's counter to popular knowledge. Cisco is the same way for their tests.
 
Hehe. Yep. We always used to joke about there being two answers to a MS question.

1) The right answer
2) The MS answer

Sometimes they agree, but often they don't.
 
I don't think all firewalls route..what about the SonicAlarm models? I may be wrong, but I don't believe the cheaper ones route.
 


<< I picked b) Router, for the simple fact that I didn't know that a firewall is a router. >>


By that you're saying that "A router is a router that can examine every packet........". That sounds dumb, and I doubt Microsoft would've phrased it that way if it intended for "router" to be the correct answer. Gotta look at these things as well.
 
A Proxy Server can act as a Firewall based on specified policies and as such can examine every packet and can filter traffic.😀

That's your answer.
 