Firewall 101: for Dummies

Firewall 101 for Dummies

What is a Firewall?

In architecture, a Firewall means a wall or partition designed to constrain or prevent the spread of fire. In computers, a Firewall is a wall and shield that protect a network or system from unauthorized access.

A Firewall is a security system which protects the System from Intruders and hackers. It is a network security device that keeps an eye on incoming and outgoing traffic and stops and slowdown viruses and malware to spread from one computer or subnet or network to another.

A Firewall uses a defined set of rules and terms for checking and filtering packet. Firewall security device filter outgoing and incoming traffic and only allow that traffic which fulfils all rules. Firewall decides whether to allow or block specific traffic according to security rules.

For example, you can think of a firewall as a security guard that decides who enters or exits a building.

2 Categories of Firewalls

Firewall can divide into two categories- A firewall is a software utility or hardware device that acts as a filter for data entering or leaving a network or computer.

Hardware Firewall

Use a router for Hardware Firewalls, but any other security product can also use. Place the Hardware Firewall between your PC and the outside world. Router and Security device can connect more than one device at a time. It is a tangible product or devices that security system and PC from outer threads, viruses, malware and many more harmful viruses.

Software Firewall 

A software firewall is an intangible product. Software Firewall is a program and set of codes that can be installed in a computer or system. In case of attack, the software firewall hides open ports and will deflect incoming attacks. Software Firewall also aware and warn from suspicious outgoing traffic. When a software firewall present in a system, an attacker will have to cross two-level securities to access your PC, and it is too difficult for any attacker.

Firewall support services are like a backbone for every system and network. Firewall can secure and protects the network of both sides, client sides and server sides and deliver only useful content.

Is Firewall Necessary? 

Well, the answer is always “it depends”. Generally speaking, there is a very good host of reason to install a firewall in several circumstances: for your corporation, your computer, your web site.

A firewall is a necessity if you want to ensure that your computer won’t be hacked. It is also to be sure that your personal and financial account information and the transaction won’t be stolen.

Without one or more firewalls protecting a network, it is like a road with entry to homes and factories with no gates or access control so that it is relatively easy for a burglar to access- or a hacker or malware program to exploit. Gates and security inspections will not prevent a burglar but will make it harder. Firewalls will not prevent every potentially bad act, but if they are configured appropriately can make things harder.

A firewall is not always necessary. A firewall is security control. Security control is selected based on its ability to mitigate specific threats. There are many situations where a firewall provides no mitigation to a threat.

There are also different types of firewalls. Ranging from simple layer 4 to application proxy, host-based firewalls and application firewalls.

Identify the threat. Then you can assess if a type of firewall will provide any mitigation to it.

Why is it a firewall important?

• If your network is connected to the internet, some types of malware find ways to divert portions of your hardware’s bandwidth for its purposes.
• Some types of malware are designed to gain access to your network to use sensitive information such as credit card info, bank account numbers or other proprietary data like customer information.
• Other types of malware are designed to destroy data or bring networks down.

What are the functions of firewalls?

Network Security

The firewall does this by filtering network traffic and blocking suspicious traffic. Suspicious traffic is determined by using various rules and conditions.

Packet level filtering (Network layer filtering)

The network layer uses the source IP address and destination IP address to route and delivers the data packet across the network. These addresses are present in every data packet. So, these addresses can be used to configure a firewall to filter the traffic

Circuit level filtering (Transport layer filtering)

This is more complex than packet-level filtering. This type of firewall filters the traffic based on port numbers that identify the destination application. A feature known as the three-way handshake process is used to guarantee data delivery. Sender computer sets up a temporary connection with the computer receiving the data in this process.

Firewalls can be configured in such a way that:

• A firewall can allow or deny a packet based on its destination port number.
• A firewall can approve outgoing and return traffic.

Application-level filtering (Application layer filtering)

This is the advanced level of filtering. Application layer protocols such as HTTP and FTP are used to filter data through this process. It can also stop the traffic temporarily for more advanced investigation or actions. Both packet and service level filtering is used in application-level filtering for network security. Configuring a software firewall for application-level filtering can slow down your computer. So, use this configuration only for a hardware firewall.

What are the types of firewalls? 

• Proxy firewall
• Unified threat management (UTM) firewall
• Stateful inspection firewall
• Next-generation firewall
• Packet-Filtering Firewalls
• Stateful inspection firewalls
• Application-level gateways
• Next-gen firewalls
• Circuit-Level Gateways