Functions And Types Of Firewalls Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

In the IT world of 21th century, with the advanced of technology computer and internet are a device we use in our daily life. With the convenient of internet usage we can easily search for information, downloading stuffs and connecting with the others. While we are using the internet for our daily use, we might encounter some unwanted internet threat such as viruses, malware, spyware or even hacker.

Well of course, nowadays there are also many ways to protect your precious computer for being hacked or your data being stole. One of the many ways was to turn on the firewall. In this report , it will tell you something about firewall.

History of Firewall

When compared to the rest of the computing industry, the firewall technology is quite an adolescent. The 1st generation of firewall architectures was called packet filter firewalls. It was first appeared around 1985 courtesy of the IOS software division of computer networks giant Cisco.

Three years later, the first paper on firewall technology was published, authored by Jeff Mogul of the Digital Equipment Corporation (DEC). However, during1980-1990, Dave Presetto and Howard Trickey of AT&T Bell Laboratories were developing the second firewall generation - circuit level firewalls. Their work encompassed the decade.

In 1990 and 1991, the third generation of firewalls papers was published by Bill Cheswick, Marcus Ranum, and Gene Spafford called application layer firewalls (or proxy-based firewalls). This triumvirate researched and developed the third generation independently of each other, with Ranum receiving the most attention for his work.

In 1991, the DEC released the first firewall commercial product, named "SEAL".SEAL was based on the work of Marcus Ranum. At the following year, Bob Braden and Annette DeSchlon from University of Southern California began to develop their own fourth generation firewall system, called "Visas". It was the first system that used a visual integration, interface and full of colors and icons. Which it could be easily implemented on a computer with the operating system such as Microsoft's Windows or Apple's MacOS. FireWall-1 was a commercial product that released in 1994 by Isreali company Check Point that was formed by the basis of Visas.

In 1996, Scott Wiegel of the Global Internet Software Group began thier work on the fifth generation of firewall, it was called the Kernel Proxy architecture. A year later, Cisco released the first commercial product based on the Kernel Proxy technology, the Cisco Centri Firewall.

Function of Firewall

If you had been using internet at any length of time or working in a big company and browse the Web while at work, you may find yourself heard the term firewall is used. For example you will often hear people say things like "I can't enter that site because they won't let it through the firewall". This is because the firewall had blocked any potential site that maybe a threat to the user that set it.

Basically a firewall work as barrier that keeps the destructive force away from your property. It is a gateway between your private network and the Internet. It will filter out any unauthorized network and ensure nothing private goes out. A user can set up rules for FTP servers, Web servers, Telnet servers and so on. In addition, the user can control the connection to Web sites, whether files are allowed to leave the computer over the network and so on. A firewall gives a user tremendous control over how people use the network.

A firewall is important, if a computer does not have a firewall, is like a house without a door, anyone can enter your house even thief and robbery. This go the same for your computer and imagine leaving your computer without a firewall is like letting any network come in and goes out of your computer without your authorization. Without a firewall a hacker can easily break in your computer and steal information or rip your computer apart.

Picture shows how a firewall works.

Types of Firewall

There are several types of firewall depending on where is the communication is placed and where the communication is intercepted plus the state that is being traced.

Packet Filter

The packet filter is also known as network layer firewall, it operate at a relatively low level of the TCP/IP protocol stack, not allowing any packet to pass unless they fulfill the rule that had been set. Packet filtering may appear in a bridge, a router or even an individual host and operates at the network layer. It is configured with rule to block or filter protocol and addresses and it is installed at the external network gateway. Internal users usually have direct access to the internet while most access to site system from internet is blocked.

Application Layer

Application layer gateway is a program that will provide a safety barrier between the internal user and the internet. These programs lead the internal user to connect to the application level gateway instead of the Internet directly such as World Wide Web browser. The application level gateway will then establishes the connection with the required World Wide Web server on the internet and acts as a go-between for the session.

An application firewall is much more reliable and secure compare to a packet filter firewall because it work on all seven layers of the OSI reference model, all the way from application down to the physical layer. One of the goo example of an application firewall is the ISA (Internet Security and Acceleration) sever. An application firewall can filter higher-layer protocols such as FTP, Telnet, DNS, DHCP, HTTP, TCP, UDP and TFTP (GSS). For example, if an organization wants to block all the information related to "game" then content filtering can be enabled on the firewall to block that particular word. Software-based firewalls are thus much slower than stateful firewalls.

Stateful Firewall

A stateful firewall can hold significant attributes of each connection in memory, from start to finish. These attributes, which are collectively known as the state of the connection, may include such details as the IP addresses and ports involved in the connection and the sequence numbers of the packets traversing the connection. The most CPU intensive checking is performed at the time of setup of the connection. All packets after that are processed rapidly because it is simple and fast to determine whether it belongs to an existing, pre-screened session. Once the session has ended, its entry in the state-table is discarded.

There are many stateful firewalls are able to track the stat of flows in the connectionless protocols, like UDP. By keeping the track of the connection state, statefull firewalls can provide added efficiency in terms of packet inspection.


A proxy device either on dedicated hardware or as software on a general-purpose machine may act as a firewall by responding to the input packets in the manner of an application, whilst blocking other packets.

Many work places, schools, and colleges restrict the web sites and online services that are made available in their buildings. This is done by either with a specialized proxy, called a content filter or by using a cache-extension protocol such as ICAP, that allows plug-in extensions to an open caching architecture.

Assuming that the requested URL is acceptable, the content will then fetched by the proxy. At this point a dynamic filter may be applied on the return path. For example, JPEG files could be blocked based on fleshtone matches, or language filters could dynamically detect unwanted language. If the following content is rejected, therefore an HTTP fetch error is returned and nothing is cached.


Internet help us in our daily life a lot, it is fast and easy to be use. City citizen used internet everyday no matter checking internet or using facebook, it also help us to connect with other people. But is also our responsible to protect our own computer away from the threat that come from internet. Therefore we should set up a firewall to help to protect our computer.

A firewall is a device of that separates and protects your network - in most cases, from the Internet. It can restrict traffic to only what is acceptable to you, and allows monitoring to see what is happening. Is also very important to remember about firewalls is that they enforce a security policy by allowing a single point for security decisions to be made. They also limit your exposure to the internet, and allow you to log traffic.

Firewalls can be implemented in either hardware or software, or a combination of both. Firewall is frequently used to block unauthorized internet user for entering user's private network connection. All messages entering or leaving the internet will pass through the firewall, and examines each message and block those that don't meet the specified security criteria. Firewall allow user to control the internet connection that come in or goes out the computer.


Name: Yee Kang Ching

Student ID: j10007728

Subject: CSC1100 Principle of Information Technology

Title: Firewall


To identify different types of firewall.

To understand how a firewall works

To determine the history of firewall