A firewall is a part of a network (or a computer system) designed to block unauthorized access while permitting authorized communications. It is configured to permit or deny computer applications based upon a set of rules and other criteria.
A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. Typical examples are the Internet, which is a zone with no trust, and an internal network, which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or demilitarized zone (DMZ).
A firewall's function within a network is similar to that of physical firewalls with fire doors in building construction. In the former case, it is used to prevent network intrusion into the private network. In the latter case, it is intended to contain a structural fire and delay its spread to adjacent structures.
Types of firewall:
The firewall has gradually developed into several distinct types. The passages below explain the functions of the common types of firewall and help in understanding which basic features are required in a given situation. The common types of firewall are listed below:
Packet filter: As the name suggests, the packet filtering method inspects each packet passing through the network and accepts or rejects it based on user-defined rules. It is susceptible to IP spoofing.
A packet filtering firewall checks the information contained in the header of each packet attempting to pass through the network. The information checked includes the source address, the destination, and the application the packet is being sent to. It works on the network level of the OSI (Open Systems Interconnection) model, so it does not hide the private network topology behind the firewall from prying eyes. One important thing to know about this type of firewall is that it examines only the header information: if malicious data is sent from a trusted source, this type of firewall is no protection. If a packet passes the filtering process, it reaches its destination; if it fails, it is dropped. This type of firewall is vulnerable to 'IP spoofing', a practice where a hacker makes a transmission to the private LAN (Local Area Network) look as though it is coming from a trusted source, thereby gaining access to the LAN.
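The header-only decision described above, together with the usual mitigation for spoofed source addresses (ingress filtering on the external interface), as an added example that is not part of the original text. The addresses, interface names and rule set are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    iface: str            # interface the packet arrived on: "wan", "lan" or "dmz"
    src: str              # source address claimed in the header
    dst: str
    dport: int            # destination port, i.e. the application
    payload: bytes = b""  # carried along but never inspected by a packet filter

@dataclass(frozen=True)
class Rule:
    action: str           # "accept" or "drop"
    src_net: str
    dst_net: str
    dport: Optional[int]  # None matches any port

LAN = ipaddress.ip_network("10.0.0.0/24")  # constructed trusted internal network
RULES = [
    Rule("accept", "10.0.0.0/24", "172.16.0.10/32", 23),  # LAN -> Telnet host in DMZ
    Rule("accept", "0.0.0.0/0", "172.16.0.20/32", 21),    # anyone -> FTP server in DMZ
]

def matches(rule: Rule, pkt: Packet) -> bool:
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst_net)
            and rule.dport in (None, pkt.dport))

def filter_packet(pkt: Packet, ingress_check: bool = False) -> str:
    # Mitigation: an internal source address can never legitimately arrive from outside.
    if ingress_check and pkt.iface == "wan" and ipaddress.ip_address(pkt.src) in LAN:
        return "drop"
    for rule in RULES:          # first matching rule wins
        if matches(rule, pkt):
            return rule.action
    return "drop"               # default deny

# Constructed sample packets
LEGIT = Packet("lan", "10.0.0.5", "172.16.0.10", 23)
FORGED = Packet("wan", "10.0.0.5", "172.16.0.10", 23)   # header claims a LAN source
OUTSIDER = Packet("wan", "203.0.113.9", "172.16.0.10", 23)

if __name__ == "__main__":
    for name, p in [("legit", LEGIT), ("forged", FORGED), ("outsider", OUTSIDER)]:
        print(name, filter_packet(p), filter_packet(p, ingress_check=True))
```

Without the ingress check the forged packet gets the same verdict as the legitimate one, because only the header is consulted; with the check it is dropped at the external interface while legitimate LAN traffic is unaffected.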
Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can degrade performance.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking. This gateway works on the transport level of the protocol stack. Although such gateways are fast and transparent, they really provide no protection from attacks; they do not even check the data in the packet. The benefit of this type of firewall is that it makes the LAN behind the firewall invisible. This is the least used type of firewall.
Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses. It is the slowest and most unwieldy firewall. It works on the application level of the protocol stack, which enables it to perform with more intelligence than the aforesaid method or the circuit-level gateway firewall.
These types of firewalls (application gateways) are usually used as enterprise firewalls rather than for home use. They determine whether a connection to a specific requested application, such as Internet access or email, is permitted. The user is able to determine which applications their computers will be used for. In addition to screening packets and determining which applications may be accessed, they also offer protection from outside sources by hiding internal computers from external view, so they are also known as proxy servers. Outside sources must therefore conduct all communications via the proxy server, as they never make contact with the internal computers. This method is more suited to small business and enterprise solutions.
Internet Connection Firewall:
Windows XP provides Internet security in the form of the new ICF (Internet Connection Firewall). ICF makes use of active packet filtering, which means the ports on the firewall are opened for as long as needed to enable you to access the services you are interested in. This type of technology prevents hackers from scanning your computer's ports and resources. If you are hosting an Internet session, ICF allows you to open holes in the firewall that allow traffic on specific ports. This is called "port mapping."
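A simplified model of the active packet filtering and port mapping just described, as an added example; it is not ICF's own code, and the class name, the 60-second idle timeout and all addresses are assumptions made for illustration.

```python
class StatefulFilter:
    """Simplified model of "active" (stateful) packet filtering with port mapping."""

    def __init__(self, port_mappings=(), idle_timeout=60):
        self.port_mappings = set(port_mappings)  # inbound ports opened on purpose
        self.idle_timeout = idle_timeout         # seconds; assumed value
        self.state = {}  # (local_ip, local_port, remote_ip, remote_port) -> last seen

    def outbound(self, local_ip, local_port, remote_ip, remote_port, now):
        # An outgoing connection opens a temporary hole for its replies only.
        self.state[(local_ip, local_port, remote_ip, remote_port)] = now
        return "accept"

    def inbound(self, remote_ip, remote_port, local_ip, local_port, now):
        key = (local_ip, local_port, remote_ip, remote_port)
        last = self.state.get(key)
        if last is not None and now - last <= self.idle_timeout:
            self.state[key] = now                # reply to a live connection
            return "accept"
        self.state.pop(key, None)                # expired entries close the hole
        if local_port in self.port_mappings:     # hosted service, e.g. a web server
            return "accept"
        return "drop"                            # unsolicited: port looks closed

def demo():
    fw = StatefulFilter(port_mappings={80})
    pc, web, stranger = "192.168.0.2", "198.51.100.7", "203.0.113.9"  # constructed
    fw.outbound(pc, 50000, web, 443, now=0)
    return {
        "reply": fw.inbound(web, 443, pc, 50000, now=1),
        "other_host_same_port": fw.inbound(stranger, 443, pc, 50000, now=2),
        "probe_closed_port": fw.inbound(stranger, 40000, pc, 445, now=3),
        "mapped_port": fw.inbound(stranger, 40001, pc, 80, now=4),
        "late_reply": fw.inbound(web, 443, pc, 50000, now=500),
    }

if __name__ == "__main__":
    print(demo())
```

Only the reply to the connection the PC itself opened and traffic to the mapped port get through; every mapped port is a standing exception to the default-deny behaviour, so each one should correspond to a service that is actually being hosted.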
A hybrid firewall is a combination of two of the above-mentioned firewalls. DEC SEAL, the first commercial firewall, was a hybrid developed using an application gateway and a packet filtering firewall. A hybrid is generally implemented by adding packet filtering to an application gateway, which makes it possible to quickly enable access for a new service to and from the private LAN.
Not to Forget:
The most important thing to remember (i.e., not to forget) about a firewall is that it should be only one part of a security system for a private LAN or computer. It needs to be kept in mind that today's modern firewalls are not good enough to protect a network or system from attacks, whether inside attacks, viruses of any kind, or previously unknown attacks. The technology is still trying to reach the level of standards, and it would not be wrong to say that it is still a catch-up technology, one that protects against already known threats. Constant updates and other security methods are required and need to be implemented to completely secure the system(s).