WHAT IS A FIREWALL AND HOW DOES IT WORK
Firewalls are basically a barrier between your computer (or a network) and the Internet (the outside world). A firewall can be compared to a security guard who stands at the entrance of your house and filters the visitors coming to your place. He may allow some visitors to enter while denying others whom he suspects of being intruders. Similarly, a firewall is a software program or a hardware device that filters the information (packets) coming through the Internet to your personal computer or a computer network.
How Does a Firewall Work?
Firewalls decide whether to allow or block network traffic between devices based on rules that are pre-configured or set by the firewall administrator. Most personal firewalls, such as Windows Firewall, operate on a set of pre-configured rules that are suitable under normal circumstances, so that the user need not worry much about configuring the firewall.
Personal firewalls are easy to install and use and are hence preferred by end-users to secure their personal computers. However, in order to meet customized needs, large networks and companies prefer firewalls that have plenty of options to configure.
For example, a company may set up different firewall rules for FTP servers, telnet servers and web servers. In addition, the company can even control how the employees connect to the Internet by blocking access to certain websites and restricting the transfer of files to other networks. Thus, in addition to security, a firewall can give the company tremendous control over how people use its network.
Firewalls use one or more of the following methods to control the incoming and outgoing traffic in a network:
Packet Filtering:
In this method, packets (small chunks of data) are analysed against a set of filters. Packet filters have a set of rules with accept and deny actions, which are pre-configured or can be configured manually by the firewall administrator. If the packet manages to make it through these filters, it is allowed to reach the destination; otherwise it is discarded.
Stateful Inspection:
This is a newer method that doesn’t analyse the contents of the packets. Instead, it compares certain key aspects of each packet to a database of trusted sources. Both incoming and outgoing packets are compared against this database, and if the comparison yields a reasonable match, the packets are allowed to travel further. Otherwise they are discarded.
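The comparison described above, sketched as an added example that is not part of the original article: it assumes the "database" is a connection table of flows started from inside the network, keyed by protocol, addresses and ports, with a hypothetical idle timeout. The class and method names are illustrative.

```python
class StatefulFilter:
    """Tracks flows opened from inside; only their replies may come back in."""

    def __init__(self, idle_timeout=60.0):
        self.idle_timeout = idle_timeout
        # flow key (proto, local_ip, local_port, remote_ip, remote_port)
        # -> time the flow was last seen
        self.table = {}

    def outbound(self, proto, src, sport, dst, dport, now):
        """An inside host sends a packet: record or refresh the flow."""
        self.table[(proto, src, sport, dst, dport)] = now
        return "accept"

    def inbound(self, proto, src, sport, dst, dport, now):
        """An outside packet is accepted only if it mirrors a live flow."""
        # A reply has source and destination swapped relative to the
        # outbound packet that created the table entry.
        key = (proto, dst, dport, src, sport)
        last_seen = self.table.get(key)
        if last_seen is None:
            return "deny"              # nobody inside asked for this
        if now - last_seen > self.idle_timeout:
            del self.table[key]        # stale entry: forget the flow
            return "deny"
        self.table[key] = now          # refresh on legitimate traffic
        return "accept"
```

Note that the decision uses only header fields and timing, never the packet contents, which matches the description of the method.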
Firewall Configuration:
Firewalls can be configured by adding one or more filters based on several conditions, as mentioned below:
IP addresses:
If an IP address outside the network is considered unfavourable, it is possible to set a filter to block all the traffic to and from that IP address. For example, if a certain IP address is found to be making too many connections to a server, the administrator may decide to block traffic from this IP using the firewall.
Domain names:
Since it is difficult to remember IP addresses, an easier and smarter way to configure a firewall is to add filters based on domain names. By setting up a domain filter, a company may decide to block all access to certain domain names, or may provide access only to a list of selected domain names.
Ports/Protocols:
If the services running on a given port are intended for the public or for network users, the port is usually kept open. Otherwise it is blocked using the firewall so as to prevent intruders from using the open port for making unauthorized connections.
Specific words or phrases:
A firewall can be configured to filter one or more specific words or phrases so that both the incoming and outgoing packets are scanned for the words in the filter.
For example, you may set up a firewall rule to filter any packet that contains an offensive term or a phrase that you have decided to block from entering or leaving your network.
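The packet filtering method and the IP address, port/protocol and phrase conditions above, combined in one added example that is not part of the original article. It assumes first-match rule order with a default of deny; the rule set, the addresses (documentation ranges) and the blocked phrase are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp" or "udp"
    dport: int
    payload: bytes = b""

@dataclass(frozen=True)
class Rule:
    action: str                        # "accept" or "deny"
    src: str = "0.0.0.0/0"             # source network in CIDR form
    proto: Optional[str] = None        # None matches any protocol
    dport: Optional[int] = None        # None matches any port
    contains: Optional[bytes] = None   # phrase filter on the payload

    def matches(self, pkt: Packet) -> bool:
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if self.proto is not None and pkt.proto != self.proto:
            return False
        if self.dport is not None and pkt.dport != self.dport:
            return False
        if self.contains is not None and self.contains not in pkt.payload:
            return False
        return True

def filter_packet(rules, pkt, default="deny"):
    """Return the action of the first matching rule, else the default."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default

# Constructed rule set. Order matters: deny rules sit above the broad accept.
RULES = [
    Rule("deny", src="203.0.113.7/32"),                            # blocked IP
    Rule("deny", proto="tcp", dport=80, contains=b"blockedword"),  # phrase
    Rule("accept", proto="tcp", dport=80),                         # web server
    Rule("accept", src="198.51.100.0/24", proto="tcp", dport=21),  # FTP, one net
]
```

Telnet (port 23) has no accept rule here, so it falls through to the default and is discarded, which is the "otherwise they are blocked" case for ports.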
Hardware vs. Software Firewall:
Hardware firewalls provide a higher level of security and are hence preferred for servers where security has the topmost priority. Software firewalls, on the other hand, are less expensive and hence preferred for home computers and laptops. Hardware firewalls usually come as a built-in unit of a router and provide maximum security, as they filter each packet at the hardware level itself even before it manages to enter your computer.