Introduction to Firewall
It is a computer element that tries to block access, to a private network connected to the Internet, to unauthorized users. Therefore, the firewalls focuses on examining each of the messages that enter and leave the network to obstruct the arrival of those who do not meet certain security criteria, while giving free access to communications that are regulated. To clarify this concept, we will use a very simple metaphor: a firewall is to a computer network what a door to a house.
This door prevents the entry of unknown persons to our home in the same way that a firewall blocks the arrival of unauthorized users to a private network. The function of firewalls is very important, since, if not for it, a computer – or computer network – could be attacked and infected quite frequently. Some antivirus companies also offer additional firewall protection to improve the defense system and stop the entry and installation of malicious code.
How does Firewall Work?
- The main function of a firewall is to block any unauthorized access attempt to private internal devices of our data network (LAN) from the external internet connections commonly called WAN.
- It provides a way to filter the information that is communicated through the network connection.
- A firewall that is meant for an individual computer is called a Personal Firewall.
- When firewalls are present in an enterprise network for the protection of multiple computers, it is called a Network Firewall.
- It allows or blocks the communication between teams based on rules.
- Each rule defines a certain network traffic pattern and action to perform when detected. These customizable rules provide control and fluency over the use of the network.
- If traffic complies with the configured rules in firewalls, traffic can enter or leave our network. If not, then the traffic will be blocked and cannot reach its destination.
Rules that Can be Implemented in Firewall
The type of rules and functionalities that can be built in it are the following:
- Manage user access to private network services such as server applications.
- Record all attempts to enter and exit a network. Entry and exit attempts are stored in logs.
- Filter packets based on their origin, destination, and port number. This is known as an address filter. Thus, with the address filter, we can block or accept access to our equipment through port 22 from IP 192.168.1.125. One more thing, port 22 is usually the port of an SSH server.
- Filter certain types of traffic on our network or personal computer. This filtering is also known as protocol filtering. The protocol filter allows accepting or rejecting traffic depending on the protocol used. Different types of protocols that can be used are HTTP, https, SSH, Telnet, TCP, UDP, FTP, etc.
- Control the number of connections that are occurring from the same point and block them if they exceed a certain limit. In this way, it is possible to avoid some denial of service attacks.
- Control applications that may access the Internet. Thus, we can restrict access to certain applications, such as dropbox, to a certain group of users.
- Detection of ports that are listening and in principle should not be. Thus, the firewall can warn us that an application wants to use a port to wait for incoming connections.
Types of Firewall
There are two types of firewalls which are as follows:
- As we have seen in the definition there are 2 types of firewalls. There are hardware types devices such as Cisco types or routers that have this function.
- Hardware devices are an excellent solution in case we have to protect an enterprise network since the device will protect all the computers in the network and we can also perform the entire configuration at a single point that will be the same firewall.
- In addition to this, these hardware firewalls implement interesting features such as CFS, offering SSL or VPN technologies, integrated antivirus, antispam, load control, etc.
- Software types are the most common and the ones used by home users in their homes.
- The software types are installed directly on the computers or servers that we want to protect and only protect the computer or server on which we have installed it.
- The functionalities that software firewalls usually provide are more limited than the previous ones, and once installed, the software will be consuming resources from our computer.
While it is true that a well-configured firewall can be a very stable and extremely necessary security instrument during these times, however, under no circumstances should it be considered sufficient. It is recommended that a firewall must be complemented with a good updated antivirus.
This is a guide to What is a Firewall? Here we discuss the basic concept, working, rules to implement, and types of firewalls. You may also have a look at the following articles to learn more –