All About Firewalls

Overview

A firewall is a software or hardware device, or a combination of both, that blocks unauthorized access to system resources. It protects a private network, such as a local intranet, from people outside the network. A firewall can also be set up using a router. These devices can be configured so that the outside world cannot access the intranet and so that intranet computers cannot access certain resources outside the network. This helps secure the intranet computers from being accessed by hackers.

Types of Firewall

Firewalls are designed to forward desired packets and to filter out packets that are not required. For example, a firewall can filter packets received from a particular host or an HTTP server. Firewalls can also deny access to a particular host or service. A firewall sits at a junction point or gateway between two networks, such as a private and a public network.

Hardware Firewall

Firewalls are also available as hardware devices that can be configured. Nowadays, they are built into broadband routers and form an important part of the network and system setup. Examples include SonicWall, Cisco PIX, and WatchGuard. Hardware firewalls are more effective because they require less configuration and protect every system on the network. A hardware firewall uses packet filtering to determine the source and destination from the packet header.

Software Firewall

Software firewalls are useful for individual users and servers. A software firewall lets you customize its functions and protection features. It protects your computer from unauthorized access as well as from viruses. Software firewalls are not as secure as hardware firewalls and may be hacked. Hence, it is good practice to use a hardware firewall and a software firewall together.

Packet-Filter Firewalls

A packet-filtering firewall does not block all content from the internet. It blocks only specific packets out of the whole data stream. This type of firewall forwards or blocks packets depending on the source and destination IP address, the source and destination port, or the type of protocol (TCP or UDP). It collects this information from the network layer and transport layer headers. If a packet is trying to access an unauthorized port of the computer, or if the packet originates from an unauthorized IP address, then that particular packet may be discarded. This type of firewall is mainly configured in routers. A packet-filter firewall cannot monitor each and every user, as it only blocks the configured IP addresses and ports from which messages originate. The advantage of this type of firewall is that the user need not install and configure any software to set up the firewall.
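The decision described above can be sketched in a few lines of Python. This is an added example, not code from the original article: the names Packet, Rule and filter_packet are hypothetical, the rules and packets are constructed samples using documentation address ranges, and first-match evaluation with a default of "block" is an assumption about how the rule list is applied.

```python
import ipaddress
from collections import namedtuple
from dataclasses import dataclass
from typing import Optional

# The header fields a packet filter reads (network and transport layers).
Packet = namedtuple("Packet", "src_ip dst_ip src_port dst_port protocol")

@dataclass(frozen=True)
class Rule:
    action: str                      # "forward" or "block"
    src_net: str = "0.0.0.0/0"       # any source by default
    dst_net: str = "0.0.0.0/0"       # any destination by default
    protocol: Optional[str] = None   # None matches both TCP and UDP
    dst_port: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (
            ipaddress.ip_address(pkt.src_ip) in ipaddress.ip_network(self.src_net)
            and ipaddress.ip_address(pkt.dst_ip) in ipaddress.ip_network(self.dst_net)
            and self.protocol in (None, pkt.protocol)
            and self.dst_port in (None, pkt.dst_port)
        )

def filter_packet(rules, pkt, default="block"):
    """Return the action of the first matching rule, else the default."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default  # assumption: anything not explicitly allowed is discarded

# Constructed rule set (RFC 5737 documentation addresses).
RULES = [
    Rule("block", src_net="203.0.113.0/24"),                                # unauthorized source
    Rule("forward", dst_net="192.0.2.10/32", protocol="TCP", dst_port=80),  # web server
    Rule("forward", dst_net="192.0.2.53/32", protocol="UDP", dst_port=53),  # DNS server
]

# Constructed sample packets.
SAMPLES = [
    Packet("198.51.100.7", "192.0.2.10", 40000, 80, "TCP"),  # permitted web request
    Packet("203.0.113.9", "192.0.2.10", 40001, 80, "TCP"),   # unauthorized source IP
    Packet("198.51.100.7", "192.0.2.10", 40002, 23, "TCP"),  # unauthorized port
    Packet("198.51.100.7", "192.0.2.53", 40003, 53, "TCP"),  # wrong protocol for DNS rule
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p, "->", filter_packet(RULES, p))
```

Because the block rule for the unauthorized network comes first, a packet from that network is discarded even when it targets the permitted web port.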

Proxy Firewall

The proxy firewall protects the intranet from the outside world. The packet-filter firewall filters packets at the network and transport layers. However, it is essential to filter the data at the application layer based on information present in the message itself. The solution to this problem is to install a proxy computer, also known as an application gateway, between the user computer and the organization server. When a client computer sends a message, the proxy firewall forwards all HTTP packets to the HTTP proxy. The HTTP proxy runs a server process to receive the request. It then opens the packet at the application level and checks whether the message received is valid. If it is valid, the HTTP proxy acts as a client process and sends it to the organization server (HTTP server). If the message is not valid, an error message is sent to the client computer and the message is dropped. Thus, the requests of external users are filtered on the basis of the contents of the application layer.