A firewall is a security system developed to block a connection to or from a private network. Firewalls can be enforced as either hardware or software, or a combination of both hardware and software.
Network firewalls are utilised to prohibit unauthorised internet users from accessing private networks or intranets connected to the internet. All messages passing through the intranet, whether coming in or getting out goes through the firewall.
The firewall inspects each message and rejects messages that failed from the security checks.
Hardware and Software Firewalls
Firewalls enforced can be either hardware or software, but the perfect configuration will contain both. Aside from limiting connection to computers and networks, a firewall is also utilised for authorising unknown access to a private network through security authentications.
Hardware firewalls can be bought as a separate product, but they are usually included in broadband routers. These are regarded as essential part of system security and network setup. Most hardware firewalls possess four network ports to link other computers. Larger networks would require a business networking firewall solution instead.
Software firewalls are embedded on computers and can be personalized just like other software programs. This lets you manage its function and safety features. A software firewall protects your computer from those trying to access your computer illegally.
Operating systems also have embedded firewalls. Windows Firewall is a Microsoft Windows application that detects malicious activities and alerts users. The application can spot and block hackers, viruses and worms from inflicting damage to your computer.
Firewall Filtering Techniques
Firewalls screen all information entering the network and computer system. They are used in the home and office in preserving networks.
The following firewall techniques can stop possible harmful information from getting through:
- Packet Filter – screens each packet coming to and from the network and admits or repels it based on rules defined from the start. Packet filtering is efficient and apparent to users, but it is hard to setup. In addition, it is vulnerable to IP (Internet Protocol) spoofing.
- Application Gateway – applies security components to specific applications, such as FTP (File Transfer Protocol) and Telnet servers. This is very efficient, but can inflict a performance decline.
- Circuit-level Gateway – packets can move between the hosts without further checking once the UDP (User Datagram Protocol) or TCP (Transmission Control Protocol) connection has been established. Security components are applied when the connection is built.
- Proxy Server – holds back all messages coming to and from the network. The proxy server masks the true network addresses efficiently.
Many firewalls use two or more of these techniques jointly. A firewall is regarded as a first line of security in safeguarding private information. For better security protection, data can be masked.
Types of Firewall
- Proxy firewall – acts as the gateway from one network to another. It stops direct connections from outside the network.
- Stateful inspection firewall – allows or blocks traffic depending on its condition. It monitors all activity throughout the connection.
- Unified threat management (UTM) firewall – offers stateful inspection firewall functionalities plus interference inhibition and antivirus.
- Next-generation firewall (NGFW) – blocks modern threats and application-layer attacks.
- Threat-focused NGFW – offers advanced threat detection and improvements.
Firewalls in the Perimeter-less Age
The function of a firewall is to stop detrimental traffic reaching the resources that it is shielding. Some security experts feel this is an obsolete way of keeping information and the resources it resides on safe. They contend that while firewalls still have a part to play, modern networks have so many entry points and different types of users that more robust access control and security at the host is a better technological tactic to network security.