Firewalls For Secure Internet Communication Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

I have been asked to produce a report on the subject of firewalls and their importance in secure internet communication. In this report I will discuss what firewalls are and the role they play in communication across the internet as well their limitations. I will also discuss how the role of firewalls may change in the future such as when new technologies emerge.

A firewall can be a device or a piece of software whose role it is to provide a means of controlling access to a computer on a network and therefore keeps the computer more secure. A hardware firewall is an external device which the computer connects to before connecting to the network. Today it is quite common that routers provided by broadband companies could have some sort of firewall built into them.

A software firewall is piece of software that runs on the computer and can be customized using that computer such as Windows Firewall that ships with the Windows operating system. This effectively provides the computer the means to act as its own firewall.

When communicating over the internet, firewalls act as a point for enforcing access rules employed by the network or system where the firewall is located, in essence managing and controlling network traffic (Noonan, W & Dubrawsky, I, 2006).

Access rules determine whether a connection is permitted to gain access to the host network. How these access rules are set up differ depending on the type of firewall. When using a software firewall such as Windows Firewall for example, whenever a new incoming connection is detected the firewall prompts the user on whether they would like to allow access to this connection or block its access. Depending on how the user responds a new access rule is set up for this connection to either allow or deny it access. This ensures, in theory that the firewall makes the traffic between the protected system and incoming traffic secure as only traffic or data that meets the access requirements are permitted.

Firewalls need to know if network traffic matches the criteria set up in the access rules or not. To do this different types of firewalls employ different methods of filtering traffic.

Packet filtering firewalls make use of packet filtering which is employed at Layer 3 of the OSI model (The Network Layer). Packet filtering works by inspecting incoming packets. When inspecting the packets it looks at the following five elements of a packet;

Source IP address

Source port

Destination IP address

Destination port

IP protocol

The packet is then filtered by any of the packet elements so that only packets that meet the set access rules are allowed access. There is a limitation to this method however and that is that if for example, the firewall was set to filter the packet by its source IP Address then it is possible for a malicious user to spoof the source IP Address of the sent packet. What this could mean is that if the firewall had previously set allowed packets from this source IP Address then it will think that this packet has came from a trusted source and allow it access to protected network.

Circuit-Level firewalls operate at the Session layer of the OSI model. Circuit-level firewalls monitor what is known as “handshaking” between packets (Noonan, W and Dubrawsky, I,2006). This handshaking makes sure that the packet matches the pre-defined network and is therefore valid traffic. Any traffic that is sent from the protected network to another network is modified to make it look like it came from the circuit-level firewall and therefore other networks or computers have no knowledge of the protected network. The main limitation of this method is that it does filter individual packets which means that any request from inside the firewall is automatically allowed (PCStats, 2007).

Stateful firewalls, like packet filtering firewalls make use of packet filtering to restrict what traffic is allowed through the firewall. Stateful firewalls however make use of stateful inspection, also known as dynamic packet filtering (Searchnetworking,2009). Stateful inspection means that not only do stateful look at the structure of a packet but they also know the state of the current connection which is stored in a state table. By examining this state table the firewall can filter packets by determining if it is part of the current session. If it is part of the current session then it is allowed access and denied access if it is not.

2.3 Future of Firewalls

The internet continues to grow with more and more people starting to use it every day. As the internet continues to grow, so does the need for providing secure communication online. Take for example Virtual Private Networks which are becoming increasingly popular. VPN’s allow people to use a public network such as the internet to access their office network in a different location securely. Firewalls are essential for making sure that this is carried out securely. For this reason I feel that firewalls are going to continue being used for secure communication between networks in the near future.

3.0 Conclusion

Overall I feel that firewalls play a very important role in making sure that communication over the internet is secure. They provide a way of making sure communication with a protected network is as secure as possible by enforcing rules that restricts what traffic can gain access to the network which will always be needed as there are always malicious users on the internet looking to cause harm.

References

InformIT(2005), How a stateful firewall works[Online],

Avaliable from:

http://www.informit.com/articles/article.aspx?p=373120

[Accessed 29/04/2010]

Noonan, W and Dubrawsky, I. (2006), Firewall Fundamentals, Cisco Press.

PCStats (2007), Beginners Guide: Firewalls and Internet Security[Online]

Avaliable from:

http://www.pcstats.com/articleview.cfm?articleid=1450&page=5

[Accessed 28/04/2010]

Searchnetworking(2009),What is stateful inspection?[Online],

Avaliable from:

http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci886233,00.html

[Accessed 29/04/2010]