Advantages and Disadvantages of Packet Filtering
The main advantages of the packet filter firewall:
- A strategically placed packet filtering firewall can protect the entire network. Most of the routers support packet filtering. If you have a border router placed just after Internet ISP, with the packet filtering enabled, you can protect an entire network regardless of the network size.
- Packet filtering is widely available in routers. Leading networking vendors like Cisco, Juniper, and HP provide packet filtering on their routers known as Access Control Lists (ACL), which is configured in all the border routers.
There are a few disadvantages:
- The packet filtering rules tend to be hard to configure. A network/system administrator needs a lot of expertise and proper strategy to configure it right.
- Once it is configured, it is difficult to comprehensively test and verify whether it is working correctly or not.
- It is a stateless machine. It does not remember the state of the previous packet. Stateless packet filters are vulnerable to attacks. Hence, some of the attacks, such as spoofing attacks, can easily bypass firewall rules of this kind of a firewall.