FIREWALLS: Explained
Boney Maundu
Tech Contractor & Entrepreneur - Information, Communication & Security Hardware, Electronics & Systems | Tech Writer | Tech Consultancy, Support & Mgmt | Digerati | Lectiophile
A firewall is a system that filters traffic and information coming in from the internet in a bid to flag and stop unauthorized users from accessing a private network. Unwanted traffic is thus blocked by a firewall, while desired or authorized traffic is allowed.
The goal of a firewall is to erect a security wall between a private network and the public internet, since harmful traffic and hackers will always attempt to infiltrate private networks in order to do harm. The primary network component to stop this is a firewall.
For a large firm with several PCs and servers, a firewall is crucial, because you don’t want all those applications, systems and devices to be available to the public online, where a hacker may gain access and completely devastate the organization.
There are many similarities between the operation of a firewall in a building structure and one that is utilized in computer networks. Indeed, that is the origin of the phrase “firewall.” When a fire breaks out on one side of a building, a firewall acts as a barrier to contain the fire and prevent it from spreading to the other side of the structure.
The firewall’s purpose is to prevent the building from being completely destroyed by a fire. However, if this firewall hadn’t been installed, the fire would have spread to the opposite side and eventually consumed the entire structure. So, a network firewall and a structure firewall function similarly.
It prevents potentially malicious activities and applications from infiltrating a private network and propagating to the other side of the firewall.
A firewall operates by screening incoming network traffic and deciding whether or not to allow it to pass through based on its rules. Another name for these guidelines is an access control list. The network administrator sets these policies, which are modifiable. What can enter a network and what can exit it are both determined by the administrator. Permission is either granted or denied under these guidelines.
For instance, in an access control list, a network administrator can specify which IP addresses are able to gain access to a network and which ones are blocked. A blocked IP address will be denied access by the firewall until it has been removed from the list of blocked addresses, and vice versa.
Apart from IP addresses, a network administrator can use or make rules using other identifiers such as protocols, ports, domain names, programs and keywords.
So let’s take an example where access is restricted by port number according to the firewall rules, and assume that data using ports 20, 45, and 100 has been granted access to this network. The rules have permitted incoming data using those ports, so any incoming data that uses them is able to get past the firewall.
Additionally, the rules in this firewall have prohibited any data from using ports 50 and 2089. Thus, the firewall will prevent access to any incoming data that uses those port numbers, preventing it from passing through.
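The port and IP address rules described above can be modelled as a small first-match access control list. This is an added example, not code from the original article: the `Rule` class, the `evaluate` and `unblock` helpers, the sample addresses (taken from documentation ranges) and the default-deny policy for ports the article does not mention are all assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:                          # hypothetical rule model, not a real firewall API
    action: str                      # "allow" or "deny"
    src: Optional[str] = None        # source network in CIDR form; None matches any source
    dport: Optional[int] = None      # destination port; None matches any port

    def matches(self, src_ip: str, dport: int) -> bool:
        if self.src is not None:
            if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(self.src):
                return False
        return self.dport is None or self.dport == dport

# Constructed rule set: ports 20, 45 and 100 allowed, ports 50 and 2089
# prohibited (as in the article), plus one blocked source network (assumed).
ACL = [
    Rule("deny", src="203.0.113.0/24"),
    Rule("deny", dport=50),
    Rule("deny", dport=2089),
    Rule("allow", dport=20),
    Rule("allow", dport=45),
    Rule("allow", dport=100),
]

def evaluate(acl, src_ip, dport, default="deny"):
    """Return (action, index of the first matching rule, or None if none matched)."""
    for index, rule in enumerate(acl):
        if rule.matches(src_ip, dport):
            return rule.action, index
    return default, None             # assumed policy: anything unlisted is denied

def unblock(acl, network):
    """Return a copy of the ACL without the deny rule for the given source network."""
    return [r for r in acl if not (r.action == "deny" and r.src == network)]

if __name__ == "__main__":
    # Constructed sample traffic: (source address, destination port)
    for src, port in [("198.51.100.7", 20), ("198.51.100.7", 2089),
                      ("203.0.113.9", 45), ("198.51.100.7", 443)]:
        print(src, port, evaluate(ACL, src, port))
```

Because the first matching rule wins, the blocked source is denied even on an allowed port, and it regains access only once its entry is removed from the list.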
Types of Firewalls
- Host-based firewall
There are various varieties of firewalls, one of which is a software firewall known as a host-based firewall. This type of firewall is installed on a computer and it guards that particular machine only. For example, a host-based firewall is pre-installed on newer Microsoft operating system versions.
- Third party host-based firewall
There are also third-party host-based firewalls that can be purchased and installed on a computer. One popular third-party host-based firewall is Zone Alarm.
A lot of anti-virus programs also come with built-in host-based firewall capabilities.
- Network-based firewall
Operating at the network layer, a network-based firewall consists of both hardware and software components. It is situated between the public internet and a private network. Unlike a host-based firewall, which guards only the particular computer it is installed on, a network-based firewall safeguards the entire network. It accomplishes this by implementing management rules throughout the network as a whole, preventing any malicious activity from getting to the network devices.
Large enterprises are the primary users of network-based firewalls, which are also available as standalone products. They may also be installed in a service provider’s cloud infrastructure or as an integrated part of a router, depending on how many smaller businesses use them.
Many organizations will employ firewalls that are both host-based and network-based. To ensure optimal protection, they will deploy host-based firewalls to protect each computer and server in addition to network-based firewalls to safeguard the entire network, because each computer’s host-based firewall will be able to block hazardous data if it manages to evade the network firewall.