Packet Filtering: Only looks at the outside of the envelope (Source, Destination, Port). If the address looks bad, it's blocked.
Stateful Inspection: Opens the envelope to see the letter inside (the Payload). It checks if the contents are dangerous or if they match the context of the conversation.
Proxy: Acts as a middleman. You talk to the Proxy, the Proxy talks to the Server. It hides you and inspects everything.
NAT: Hides your internal home network from the internet, giving everyone one shared "public" face.
● Red (Untrusted): The public Internet.
● Yellow (Semi-Trusted): The DMZ. This is where your web server sits so people can visit it safely.
● Green (Trusted): Your internal business network and database.
Instead of one big room, we create many small rooms separated by firewalls. This way, if a hacker breaks into the "lobby" (web server), they still can't get into the "vault" (database).
A Virtual Private Network creates a secure "tunnel" over the public internet. It uses encryption to keep your data confidential while you work from a coffee shop.
Secure Access Service Edge. It is the future of networking. It moves all the heavy security (firewalls, identity checks) into the Cloud so that no matter where an employee goes, the security follows them.
Packet: A small unit of data sent over a network.
Header: The "envelope" of a packet containing the address info.
Payload: The actual data or "letter" inside the packet.
DMZ: Demilitarized Zone. A buffer zone between the internet and your private network.
SPOF: Single Point of Failure. If one thing breaks, the whole system stops.
Port: A virtual "doorway" for specific types of traffic (e.g., Port 80 is for websites).