Firewall and Network Security
In terms of computer security, afirewall is a piece of software and Hardware cobination. This software monitors the network traffic. A firewall has a set of rules which are applied to each packet. The rules decide if a packet can pass, or whether it is discarded. Usually a firewall is placed between a network that is trusted, and one that is less trusted. When a large network needs to be protected, the firewall software often runs on a dedicated hardware, which does nothing else.
A firewall protects one part of the network against unauthorized access.
Different kinds of Firewalls
Packet filtering
Data travels on the internet in small pieces; these are called packets. Each packet has certain metadata attached, like where it is coming from, and where it should be sent to. The easiest thing to do is to look at the metadata. Based on rules, certain packets are then dropped or rejected. All firewalls can do this.it is known as network layer
Stateful packet inspection
In addition to the simple packet filtering (above) this kind of firewall also keeps track of connections. A packet can be the start of a new connection, or it can be part of an existing connection. If it is neither of the two, it is probably useless and can be dropped.
Application-layer firewalls
Application-layer firewalls do not just look at the metadata; they also look at the actual data transported. They know how certain protocols work, for example FTP orHTTP. They can then look if the data that is in the packet is valid (for that protocol). If it is not, it can be dropped.
Other things firewalls are used for
Tunnelling
Firewalls can provide a secure connection between two networks. This is called tunnelling. The data may be encrypted. It is unencrypted at the other end. Since the firewalls are doing this, the rest of the network is unaware of it. An alternative is to provide a secure access (to the corporate network).
Network address translation
Very often, firewalls can translate IP addresses. That way, many computers can share a few public IP addresses. The firewall translates between the public and the private IP addresses.
Types of firewalls
In general, there are two types of firewalls:
- Software-based firewalls: these are often run as additional programs on computers that are used for other things. They are often known as personal firewallswhich can be updates on personal computers.
- Hardware-based firewalls: Hardware based firewalls run on a dedicated computer (or appliance). Often, these offer a better performance than software firewalls, but they are also more expensive.
What firewalls cannot protect against
Firewalls can protect against some problems (viruses and attacks) that come from the internet. They cannot protect against viruses, that come from infected media (like an infected office document on an USB flash drive).
We provide engineering services related to all aspects of Firewall. One of our Field application engineers will be happy to discuss your requirements.