Created 13 Jun 2002
Modified 13 May 2007

Article 85

What is a firewall?

A firewall is a system designed to reinforce the security of the data flowing between two networks, the internal network and the outside network. There are several ways to accomplish this, but most firewalls use two or more of the following methods, as none of them alone provides adequate security.

Packet Filtering:
Works at the Internet Protocol layer and enables you to accept, reject or drop packets based on IP address, port or protocol. Packet filters perform these duties based on a set of configurable rules called policies. Packet filtering is the original and most basic type of firewalling, and most routers provide packet filtering. Disadvantages of packet filtering however are:

The advantage of packet filters is that they are very fast and transparent to users.

Application gateway:
Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can degrade performance.

Circuit-level gateway:
Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.

Proxy server:
Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

Stateful inspection:
It is a newer method that does not examine the contents of each packet but compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through.
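The following sketch is an added example, not part of the original article or any firewall product's code. It models the state table described above, assuming the "key parts" are protocol, addresses and ports; the class names, the internal range 192.168.1.0/24, the 60-second idle timeout and the sample packets are all constructed for illustration.

```python
from dataclasses import dataclass
import ipaddress

@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int

class StatefulFilter:
    """Toy stateful filter: inbound packets pass only as replies to outbound flows."""
    def __init__(self, internal_cidr, idle_timeout=60.0):
        self.internal = ipaddress.ip_network(internal_cidr)
        self.idle_timeout = idle_timeout
        self.state = {}  # flow key -> time the flow was last seen (seconds)

    def _inside(self, addr):
        return ipaddress.ip_address(addr) in self.internal

    def check(self, pkt, now):
        # Forget flows that have been idle too long, so old entries cannot be reused.
        self.state = {k: t for k, t in self.state.items() if now - t <= self.idle_timeout}
        src_in, dst_in = self._inside(pkt.src), self._inside(pkt.dst)
        if src_in and not dst_in:
            # Outbound: record the flow's defining characteristics.
            self.state[(pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
            return "accept"
        if dst_in and not src_in:
            # Inbound: swap source and destination, then compare with the table.
            key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if key in self.state:
                self.state[key] = now
                return "accept"
        return "drop"  # unsolicited inbound, or traffic that does not cross the firewall

def demo():
    fw = StatefulFilter("192.168.1.0/24")  # constructed internal network
    out = Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 443)
    reply = Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 50000)
    stray = Packet("tcp", "203.0.113.9", 443, "192.168.1.10", 50000)
    return [fw.check(stray, 0.0), fw.check(out, 1.0), fw.check(reply, 2.0),
            fw.check(stray, 3.0), fw.check(reply, 200.0)]

if __name__ == "__main__":
    print(demo())
```

The last packet in the demo is a valid reply that arrives after the flow has expired, which is why it is dropped even though the same packet was accepted earlier.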

For more information on Firewalls, please read the following Wikipedia article:
Firewall
