Firewalls : Logic, Types and Rules
What is a firewall?
A firewall is a network security system, either hardware or software based that controls incoming and outgoing network traffic based on a set of rules. Firewalls act as a barrier between a trusted and other network and other untrusted networks. They filter the traffic that flows into your computer or network through an internet connection. Firewalls protect your computer by controlling access to the resources of a network through a positive control model.
There are three types of filtering mechanisms:
Packet Filtering or Packet Purity
Data flow consists of packets of information and firewalls analyze these packets to get rid of offensive or unwanted packets depending on what you have defined as unwanted packets.
Firewalls assume the role of a recipient and in turn sends it to the node that has requested the info and vice versa.
Firewalls mark key features in all outgoing requests and check for the same matching characteristics in the inflow to decide if it is relevant information that is coming through.
Firewalls follow a set of rules that can be customized as per your needs, requirements, and security threat levels. You can create or disable firewall filter rules based on conditions such as:
You can choose to block off a certain IP address or a range of IP addresses which you think are predatory.
You can allow certain specific domain names to access your system/servers or allow access to only some specified types of domain names or domain extensions like .edu or .org.
A firewall can decide which of the systems can have access to or allow common protocols like IP, SMTP, FTP, UDP, ICMP, Telnet or SNMP.
Blocking or disabling ports of servers that are connected to the Internet will help maintain the kind of data that you want to see it used for. This also closes down possible entry points for hackers or malicious software.
Firewalls can also scrutinize through the data flow for a match of the keywords or phrases to block out offensive or unwanted data from flowing in.
Two Types of Firewall
Hardware firewalls can be purchased as a stand-alone product and are typically found in broadband routers. Hardware firewalls provide a strong degree of protection from most forms of attack coming from the outside world. They use packet filtering to examine header of a packet to determine its source and destination. However, hardware firewalls may be less effective that software firewalls because it’s possible for them to ignore embedded worms in outgoing e-mails and see this as a regular network traffic.
Software firewalls are the most popular firewall choice. Software firewalls are installed on your computer and can be customized. Software firewalls will protect your computer from external attempts to control or gain access to your computer. Software firewalls usually provide additional protection against the most common Trojan programs or e-mail worms. (Read about Trojans and worms *insert link here*.) They usually have user defined controls for setting up a safe file and printer sharing and to block unsafe applications from running on your system. Software firewalls may also incorporate privacy controls, web filtering and more. On the downside, software firewalls only protect the computer they are installed on, not the entire network.
Firewalls are a must for any kind of computer usage that requires going online. They protect you from all kinds of abuse and unauthorized access like Trojans that allow taking control of your computers by remote logins or backdoors, virus, or use your resources to launch DDoS attacks.
The ideal firewall configuration consists of both hardware and software. They are useful for allowing remote access to a private network through secure authentication certificates and logins.
Firewall testing is also an important part of maintenance to ensure your system is always configured for optimal protection.