Definitions[edit | edit source]

A packet filter is

[a] type of firewall that examines each packet and accepts or rejects it based on the security policy programmed into it in the form of rules.[1]
[a] routing device that provides access control functionality for host addresses and communication sessions.[2]

Strengths[edit | edit source]

Packet filters have two main strengths: speed and flexibility. Packet filters can be used to secure nearly any type of network communication or protocol. This simplicity allows packet filters to be deployed into nearly any enterprise network infrastructure. Note that their speed, flexibility, and capability to block denial-of-service and related attacks make them ideal for placement at the outermost boundary with an untrusted network.

Weaknesses[edit | edit source]

Packet filters possess several weaknesses:

Consequently, packet filters are very suitable for high-speed environments where logging and user authentication with network resources are not important.[3]

References[edit | edit source]

Community content is available under CC-BY-SA unless otherwise noted.