What is a Firewall?
A firewall is a network security tool that monitors incoming and outgoing network traffic and permits or blocks data and unauthorized access based on a set of security rules. The set of rules is used to identify possible cyber threats. This may fall into the category of software, hardware, or a combination of both. The ultimate purpose is to block malicious traffic like viruses and hackers. Firewalls are used in both personal and mass organization settings, many devices come with one built-in. With modern day technologies Firewall’s are widely considered an essential component of network security.
Not only do Firewall’s serve as a main means of protection, they also perform important logging and audit functions of data. A good firewall will keep a record of events, which can be used by administrators to identify any patterns within the data and make appropriate changes to the security rules. It is important because rules should be updated regularly to adapt to the changing environments.
How Does a Firewall Work?
Firewalls guard traffic at a computer’s entry point, which are commonly known as ‘ports’, which is where information is exchanged with any external devices. A firewall establishes a border between an external network and the network it is guarding. As the firewall carefully analyzes all traffic entering and leaving the ‘border’ it uses a set of pre-configured rules to distinguish between friendly and dangerous data.
Firewall Rules:
When discussing Firewalls, the word ‘packets’ is used to define a data group, the data has been formatted specifically for internet transfer. Packets include information such as its size and where it came from, firewalls use this information to then determine whether or not it passes the rules set and ultimately if it will pass through the guarded network. Firewall rule sets often includes and analyzes the following information:
- The packet source
- The destination for the packet
- The content included in the packet
As a packet makes its way through a network it is often reformatted several times in order to tell the protocol where to send it. There are multiple firewalls that exist analyze the packets at different levels of the network.
What Are the Types of Firewalls?
Firewalls are categorized by one of two ways; the way they filter data, or by the system they protect. When categorizing firewalls by the system they protect their are two main types:
- Network-based firewalls, This type guards an entire network and are often hardware.
- Host-based firewalls, This type of firewall guards individual devices (hosts) and are often software.
When categorizing a firewall by the way it filters data, there are several more types:
- Stateful inspection firewall – This examines a networks traffic to determine whether one data packet is related to another.
- Personal firewall – This is software used to protect a single internet-connected device from any malicious attacks, as opposed to a range of devices.
- Packet-filtering firewall – This firewall examines data packets in isolation without knowing the packet’s context.
- Proxy firewall – This type inspects packets at the application layer of the Open Systems Interconnection
- NGFW – This firewall has a multilayered approach to integrate enterprise firewall capabilities with an intrusion prevention system and application control.
