What is a firewall?
A firewall is a system designed to reinforce the Security of the data flowing between two Networks, the Internal Network and the outside Network. There are several ways to accomplish this but most firewalls use two or more of the following methods as none of them alone provides adequate security.
Works at the Internet protocol layer and enables you to accept, reject or drop packets based on IP Address, Ports or Protocols. Packet filters perform these duties based on a set of configurable rules called Policies. Packet filtering is the original and the most basic type of firewalling and most routers provide packet filtering. Disadvantages of packet filtering however are:
- Address information on a packet can potentially be spoofed or falsified.
- The data contained in allowed packets can't be checked so they ultimately may contain exploits.
- Packet filters can't provide application level or user level authentication.
- Once a particular protocol is allowed to pass, external hosts can establish a direct connection to hosts on the Internal Network using that protocol. It could therefore expose the private Network configuration to everyone outside of the Network and reduce Network security.
Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
For more information on Firewalls, please read the following Wikipedia article:
What do you think about this topic? Send feedback!