Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Filters are application programs used in a firewall for examining packets on their arrival at the firewall. Filters help with firewall security in that they route or reject the packets based on defined rules.
Filters can be configured as per user and can be used to perform specific sets of actions, including on packets of a particular protocol family. Filters make use of the source IP address of the packet, destination IP address, IP protocol ID, TCP/UDP port number, ICMP message type and fragmentation flags in most cases to decide the course of actions for the packets. In fact, the key parts of the packets are compared against the rules and database of trusted information, to evaluate the course of action. Those that pass the test are allowed to move, whereas those that fail are rejected and denied any further service. In order to protect against denial of service attacks and floods, filters can be used for limiting the traffic rate of packets destined for the routing engine. On the basis of source, protocol and application, filters can restrict traffic for the routing engine. Filters can also be configured to address special circumstances such as ones associated with fragmented packets.
There are many advantages associated with filters. Filters enable the control mechanism for the packets in transition, provide a mechanism of protection for the router from heavy traffic and external incidents.