What is a firewall in a computer?

Firewall

A firewall is a network security system designed to prevent unauthorized access to or from a private network. It monitors and controls the incoming and outgoing network traffic based on predetermined security rules.

 
Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured, controlled internal networks that can be trusted and untrusted outside networks, such as the Internet. Firewalls are generally designed to protect network traffic and connections, and therefore do not attempt to authenticate individual users when determining who can access a particular computer or network. This means that the only traffic allowed onto the network is the traffic defined in the firewall policy; all other traffic is denied.

In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins. Firewalls can be implemented in both hardware and software, or a combination of both.

Hardware firewalls can be purchased as a stand-alone product but are also typically found in broadband routers, and should be considered an important part of your system and network set-up.

Software firewalls, by contrast, are installed on your computer and can be customized, allowing you some control over their function and protection features. A software firewall will protect your computer from outside attempts to control or gain access to it.

Types of firewall

Packet firewalls - The earliest firewalls functioned as packet filters, inspecting the packets that are transferred between computers on the Internet. When a packet passes through a packet-filter firewall, its source and destination address, protocol, and destination port number are checked against the firewall's rule set. Any packets that aren't specifically allowed onto the network are dropped.

Stateful inspection firewall - A stateful inspection firewall allows or blocks traffic based on state, port, and protocol. It performs the work of a packet firewall but operates up to the transport layer. It monitors all activity from the opening of a connection until it is closed. Filtering decisions are made based on both administrator-defined rules and context, which refers to using information from previous connections and packets belonging to the same connection.

Web application firewalls - As attacks against Web servers became more common, so too did the need for a firewall that could protect servers and the applications running on them. A web application firewall is a hardware appliance, server plug-in, or some other software filter that applies a set of rules to an HTTP, FTP and DNS conversation. Such rules are generally customized to the application so that many attacks can be identified and blocked.

Proxy firewalls - Proxy firewalls act as middlemen: they accept all traffic requests coming into the network by impersonating the true recipient of the traffic within the network. After an inspection, if it decides to grant access, the proxy firewall sends the information to the destination computer. The destination computer’s reply is sent to the proxy, which repackages the information with the source address of the proxy server.
 
Unified threat management firewalls - A UTM device typically combines, in a loosely coupled way, the functions of a stateful inspection firewall with intrusion prevention and antivirus. It may also include additional services and often cloud management. UTMs focus on simplicity and ease of use.

Next-generation firewalls - Firewalls have evolved beyond simple packet filtering and stateful inspection. Next-generation firewalls were created in response to the evolving sophistication of applications and malware. They act as a platform for network security policy enforcement and network traffic inspection. Application and malware developers have largely outwitted the long-standing port-based classification of traffic by building port evasion techniques into their programs.


In practice, many firewalls use two or more of these techniques in concert. In Windows and Mac OS, firewalls are built into the operating system. Third-party firewall packages also exist, and many of these offer free versions or trials of their commercial versions. In addition, many home and small office broadband routers have rudimentary firewall capabilities built in. These tend to be simply port/protocol filters, although models with much finer control are available.
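The sketch below is an added example, not code from the original page. It combines the packet-filter check and the stateful inspection described above to show why the same reply packet is dropped by the rule set alone but accepted once it belongs to a tracked connection. The addresses, ports and rule set are constructed, and connection close is simplified to the first FIN or RST.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    flags: str = ""   # TCP flags: "S" = SYN, "A" = ACK, "F" = FIN, "R" = RST

# Constructed rule set: (source network, destination network, protocol, destination port)
RULES = [
    ("10.0.0.0/8", "0.0.0.0/0", "tcp", 443),   # internal hosts may reach HTTPS servers
    ("0.0.0.0/0", "10.0.0.5/32", "tcp", 25),   # anyone may reach the mail server
]

def rule_match(pkt):
    """Packet filter: compare addresses, protocol and destination port; default deny."""
    for src_net, dst_net, proto, dport in RULES:
        if (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(src_net)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(dst_net)
                and pkt.proto == proto and pkt.dport == dport):
            return True
    return False

class StatefulFirewall:
    """Adds connection context on top of the rule set."""
    def __init__(self):
        self.connections = set()   # open connections, keyed by protocol and both endpoints

    def allow(self, pkt):
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        known = key if key in self.connections else reverse if reverse in self.connections else None
        if known:
            # Packet belongs to a tracked connection, in either direction
            if "F" in pkt.flags or "R" in pkt.flags:
                self.connections.discard(known)   # simplified close: forget on first FIN/RST
            return True
        # A new connection must open with a bare SYN and pass the rule set
        if pkt.proto == "tcp" and pkt.flags == "S" and rule_match(pkt):
            self.connections.add(key)
            return True
        return False
```

A pure packet filter would need a broad rule admitting inbound traffic to high ports for replies to get through; the state table removes that need because replies are matched to the connection that was opened from inside.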
