What Is a Firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet.
A firewall can be hardware, software, or both.
Most people think of a firewall as a device that is installed on the network and controls the traffic that passes through the network segment.
What Do Firewalls Do?
- Defend resources
- Validate access
- Manage and control network traffic
- Record and report on events
Firewalls are used to protect both home and corporate networks. A typical firewall program or hardware device filters all information coming through the Internet to your network or computer system.
How Does a Firewall Work?
To get a basic grasp of how firewalls work, it's important to understand how TCP packets work.
The data that your computer sends and receives over the internet or an internal network is made up of TCP packets and UDP packets. TCP packets can be more effectively filtered by firewalls because they contain more information in their headers.
TCP packets contain information such as source and destination addresses, packet sequence information, and payload. That information allows your network interface to deliver data properly, and a firewall can compare that information to the rules you configured it with.
Generations of Firewalls:
First Generation - Packet Filtering Firewall:
Packet filters act by inspecting packets transferred between computers. A packet filtering firewall controls network access by monitoring outgoing and incoming packets and allowing them to pass or stopping them based on source and destination IP addresses, protocols and ports.
Second Generation - Stateful Inspection Firewall:
Dating from 1989–1990, stateful firewalls (which perform stateful packet inspection) can determine the connection state of a packet, unlike packet filtering firewalls, which makes them more efficient.
This type of firewall is potentially vulnerable to denial-of-service attacks that bombard the firewall with fake connections in an attempt to overwhelm it by filling its connection state memory.
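The difference between the first two generations, as an added example that is not part of the original post: a stateless filter that judges each packet alone, next to a stateful one that tracks connections in a bounded table. The rule format, helper names and sample addresses are constructed for illustration.

```python
import ipaddress
from collections import OrderedDict

# Constructed rules, first match wins, default deny:
# (action, direction, proto, source net, destination net, dest port or None)
RULES = [
    ("allow", "out", "tcp", "10.0.0.0/24", "0.0.0.0/0", 443),
    # A stateless filter needs this broad rule so replies can come back in.
    ("allow", "in", "tcp", "0.0.0.0/0", "10.0.0.0/24", None),
]

def make_pkt(direction, src, sport, dst, dport, proto="tcp"):
    return {"dir": direction, "src": src, "sport": sport,
            "dst": dst, "dport": dport, "proto": proto}

def packet_filter(p, rules=RULES):
    """Stateless: judges this packet's header fields in isolation."""
    for action, direction, proto, src, dst, dport in rules:
        if (p["dir"] == direction and p["proto"] == proto
                and ipaddress.ip_address(p["src"]) in ipaddress.ip_network(src)
                and ipaddress.ip_address(p["dst"]) in ipaddress.ip_network(dst)
                and dport in (None, p["dport"])):
            return action
    return "deny"

class StatefulFirewall:
    """Admits inbound packets only as replies to tracked outbound connections."""
    def __init__(self, rules=RULES, max_states=1024):
        self.rules = [r for r in rules if r[1] == "out"]  # no blanket inbound rule
        self.max_states = max_states
        self.states = OrderedDict()  # (src, sport, dst, dport, proto) -> True

    def check(self, p):
        if p["dir"] == "out":
            if packet_filter(p, self.rules) != "allow":
                return "deny"
            key = (p["src"], p["sport"], p["dst"], p["dport"], p["proto"])
            if key not in self.states and len(self.states) >= self.max_states:
                self.states.popitem(last=False)  # simplification: evict oldest entry
            self.states[key] = True
            return "allow"
        # Inbound: the reversed tuple must match a connection opened from inside.
        reply_of = (p["dst"], p["dport"], p["src"], p["sport"], p["proto"])
        return "allow" if reply_of in self.states else "deny"

# Constructed sample traffic (documentation address ranges).
OUTBOUND = make_pkt("out", "10.0.0.5", 50000, "203.0.113.10", 443)
REPLY = make_pkt("in", "203.0.113.10", 443, "10.0.0.5", 50000)
UNSOLICITED = make_pkt("in", "198.51.100.7", 443, "10.0.0.5", 22)
```

The stateless filter accepts UNSOLICITED because its header matches the reply rule, while the stateful firewall denies it until a matching outbound connection exists. The max_states cap keeps a flood of fake connections from growing the table without limit.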
Third Generation - Application Layer Firewall:
Marcus Ranum, Wei Xu, and Peter Churchyard released an application firewall known as the Firewall Toolkit (FWTK) in October 1993.
Application layer firewalls can inspect and filter packets on any OSI layer, up to the application layer. They can block specific content and also recognize when certain applications and protocols (like HTTP, FTP) are being misused.
Next-generation firewall (NGFW):
Firewalls have evolved beyond simple packet filtering and stateful inspection. Most companies are deploying next-generation firewalls to block modern threats such as advanced malware and application-layer attacks.
Types of Firewalls:
Firewalls are generally of two types: Host-based and Network-based.
Host-based Firewalls:
- A host-based firewall is installed on each network node and controls each incoming and outgoing packet.
- Host-based firewalls are needed because network firewalls cannot provide protection inside a trusted network. A host firewall protects each host from attacks and unauthorized access.
Network-based Firewalls:
- A network firewall functions at the network level.
- It protects the internal network by filtering the traffic using rules defined on the firewall. A network-based firewall is usually a dedicated system with proprietary software installed.
Firewalls use one or more of three methods to control traffic flowing in and out of the network:
Packet filtering -
Packets are analyzed against a set of filters. A packet-filtering firewall examines packets in isolation and does not know the packet's context. Packets that make it through the filters are sent to the requesting system and all others are discarded.
Proxy service -
Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa. Proxy servers can mask real network addresses and intercept every message that enters or leaves a network.
Stateful inspection -
These are then compared to a trusted information database for characteristic matches. This determines whether the information is authorized to cross the firewall into the network.