Firewall

Introduction

A firewall is a network security device guards your network against unauthorized traffic. Incoming malware is blocked by firewalls based on a set of pre-programmed rules. These rules can also prevent network users from accessing specific websites and programs.

(See Network Security)

Firewalls are built on the simple premise that network traffic from less secure environments should be authenticated and inspected before routing to a more secure environment. This keeps unauthorized users, devices, and applications away from a secure network environment or segment. Without firewalls, your network's computers and devices are vulnerable to hackers, making you an easy target for attacks.

(See Network Security using Firewalls)

Source: Wikipedia

Uses of Firewalls

The functions of a firewall are as follows.

• Any data entering or leaving a computer network must pass through the Firewall.
• If data packets are securely passed through the Firewall, all valuable information remains intact.
• Every data packet that passes through a Firewall is recorded, allowing the user to monitor network activity.
• Data cannot be altered because it is contained securely within data packets.
• To be more specific, a Firewall ensures that all data is secure and that any malicious data attempting to enter the internal network is not permitted to pass through.

How Do Firewalls Work?

To protect a network's perimeter, firewalls typically employ two or more of the following methods:

• Packet Filtering: Firewalls filter packets attempting to enter or leave a network and accept or reject them based on a predefined set of filter rules.
• The application gateway technique employs security methods used on specific applications such as Telnet and FTP servers.
• When a connection, such as TCP is established, and packets begin to move, a circuit-level gateway employs these methods.
• Proxy servers can mask real network addresses and intercept every message entering or exiting a network.
• Dynamic Packet Filtering compares the header information and the packet's most critical inbound and outbound data parts. These are then compared for characteristic matches to a trusted information database. This determines whether the information is permitted to pass through the Firewall and enter the network.

Recommended Topic, Basic Networking Commands

Types of Firewall

A firewall can be software and hardware both. Software firewalls are programs installed on each computer and use applications and port numbers to regulate network traffic. In the meantime, hardware firewalls are the devices installed between the gateway and your network. In addition, a firewall delivered by a cloud solution is referred to as a cloud firewall.

They are classified based on their traffic filtering methods, structure, and functionality. Among the various types of firewalls are:

Packet Filtering

• One of the most traditional types of Firewall
• A checkpoint is created at the traffic router by this type of Firewall. Only secure and verified IP addresses or networks are permitted for the data flow.
• The data packets are not verified at the Firewall stage, i.e., the information or data is not opened.
• They are simple to use, do not overburden the device, and do not affect its processing or operating speed.

Proxy Service Firewall

• This type of Firewall protects the network by filtering messages at the application layer.
• A proxy firewall serves as a gateway for a specific application from one network to another.

Stateful Multi-Layer Inspection

• It combines data packet inspection and a TCP connection. The information cannot be approved until both fields are verified.
• They are less taxing on computer resources.
• They are, however, a little slower than other Firewalls.

Next-Generation Firewall

• The recently released Firewall systems are referred to as Next-Gen Firewalls.
• The data packets are also checked thoroughly before being sent to the destination address.
• These are still improving and evolving, and they intend to use modern technology for automatic error detection and network security.

Unified Threat Management (UTM) Firewall

• UTM firewalls shielded inbound and outbound traffic from a wide range of threats and attack types.
• To prevent attacks at the gateway, antivirus, anti-malware, and anti-spyware services could run concurrently.
• Integrated Intrusion Prevention prevented the exploitation of vulnerabilities.

Network Address Translation (NAT) Firewalls

• NAT firewalls, also known as network address translation firewalls, are generally used to access Internet traffic while blocking any undesired connections. 
• These firewalls normally mask our devices' IP addresses, keeping them safe from intruders.
• NAT firewalls work similarly to proxy firewalls in most cases. NAT firewalls, like proxy firewalls, act as an intermediary between a group of computers and external traffic.