Teach Any Computer Science Class
We have put together a full GCSE Computer Science curriculum that will give you all the teaching materials you need to teach any topic.
Whether you're a brand new Computer Science teacher, or you've been teaching ICT for years, our resources will save you hours and hours of lesson preparation every single week.View the Lessons →
Firewalls are absolutely critical for today’s computer systems. There was a time when we just didn’t think about firewalls but today’s networks come with threats. It’s, therefore, critical to have a firewall installed on your system.
A firewall is either a piece of hardware or software or a combination of both – depending on which type of firewall you are using and how you’re implementing it – that sits between your network and a public network such as the Internet.
We need a means of protecting our network and our host systems from external networks where chaos rules. If we did not implement some kind of barrier between these two then anybody on the Internet could find their way on to your internal network and could do all kinds of things like compromise data, steal data, and bring systems down, for example.
It is the network administrator’s job to implement firewalls to protect the network.
When we implement a firewall on a network, what we do is we place a system between our internal network and the external network. All the data that passes through this system is examined based on a set of rules that we define to determine whether or not that traffic is allowed. By doing so, we have erected a firewall between our network and the external network. Another way is that we could say any data that originated outside the network that is trying to come in will not be allowed. We can also say that any FTP traffic coming through is not allowed because we don’t want passwords and usernames being transmitted clearly through text. We can state that data that is being transmitted on a particular port, such as port 80, is allowed through the firewall but any other data is not allowed through the firewall if it’s running on a different port.
As you start working with firewalls, you’ll see that there are many different types of firewall that you can implement.
Let’s first look at the difference between a network firewall and a host-based firewall. With a network firewall, we take a firewall device, it could even be a computer running firewall software, and we install two interfaces: one network interface connects to our internal network, one network interface connects to our external network or to the Internet. All data going to and from the Internet goes through the firewall and it uses the rules that we specified to determine whether or not traffic is allowed through. This is a network-based firewall.
All networks that connect to the Internet must have some type of firewall. In fact, most professionals who implement firewalls for a living recommend that you have layered firewalls. You don’t use just one because if a hacker manages to find their way through one firewall, they got full access to your network. They recommend installing layers of firewall so that if hackers get through one, they still have more to get through. More firewalls discourage hackers as they’ll rather find easier prey.
It is also possible to have a host-based firewall. With a host-based firewall, we have a single system that is connected to the Internet and it doesn’t matter how it’s connected. It could be connected via a modem, through a network, through a DSL line, or through a cable modem. However it is connected, it has access to the Internet only, instead of installing a firewall somewhere between the system and the Internet, you have software installed on the system that operates as a firewall for that one particular host. Network firewalls examine all traffic going to and from the internal network and decide whether it is allowed or not. With a host-based firewall, we examine all traffic coming to and from just this one host and deciding whether or not it is allowed.
Now, these two are not exclusive: most of the time, when you are dealing with an organization, you will probably be running a host-based firewall on each machine and you’ll also be running a network-based firewall.
Firewalls are absolutely critical and if your organization doesn’t have one on its network or it doesn’t have a host-based firewall running on each individual system as it is subject to serious security threats.