Regardless of whether you are an IT professional or not, the likelihood of you encountering the term firewall is very high. Whether or not you know what one is on the other hand is a different question. In addition to this, understanding the role they play in network protection is incredibly significant.
In today’s blog, we will look at what a firewall is and most noteworthy, analyze their usefulness in securing a network.
Definition of a Firewall:
When you think of a firewall in a literal sense, it suggests that it is some form of protection/ security measure. It is the idea of building a brick wall between two structures. The intention being, of course, would be to prevent a fire in one spreading to the other. Basically, to limit the spread of damage and structural collapse.
This is a helpful way to think of how a security firewall acts. A security firewall is a technological barrier to prevent unauthorized communications from one computer network to another. An example here would be a private home network and the Internet. The barrier is placed between a secured internal network that can be trusted and an untrusted outside network (Internet). So just like with the first description, the key role is to prevent damage caused by security violations (not fires!).
Basically it is a network security device that monitors incoming and outgoing network traffic. A pre-defined set of security rules are used to make a decision on whether to allow traffic through or block it.
Importance of a Firewall:
Firewalls have been around since 1988 and since then have been one of the front-line methods of network security. They are a major player in creating a secure network setup. Just reading the above definition already gives a strong indication of their importance.
Whether you have a small home network, or a vast corporate network, security is a major issue. Firewalls are a great option of addressing and preventing such issues.
This network device protects your PC from internet based attacks. Attacks in the form of hackers, viruses, worms etc.
Firewalls use a set of rules is used to control online activity. Rules can be used to decide whether or not certain IP addresses/ domains can communicate with your network. Whole networks can be blocked from accessing your private network.
You wouldn’t leave your front door wide open to encourage unwanted intruders entering your house. The same ideology applies to your network in the sense that firewalls are used to prevent unauthorized users accessing your network.
It is important to note at this stage that it is still strongly recommended to deploy anti-virus software as well!
Advancements in Technology:
First Generation: Packet Filters
This was the first reported type of such a device. As the name suggests, a packet filter acts by inspecting each packet that attempts to enter a network. The filter has a set of rules that it uses to determine how to treat each packet. If a packet doesn’t match any of the filtering rules, it is subsequently dropped or rejected. Alternatively, if the packet matches a rule, it is permitted entry into the network. An example of a rule might be to only accept packets from a specific network. The filter rejects any packets that do not originate from this network.
Second Generation: Stateful Filters
These filters perform the same role as the above, but operate up to Layer 4 (transport) of the OSI Model. In this filter, packets are retained until enough information has been collected to make an informed decision. A stateful filter keeps track of the state of network connections. The firewall monitors all connections that pass through. The filter determines whether the packet is part of an existing connection, the start of a new one, or not part of any. Only packets that match a known active connection can enter into the network.
Third Generation: Application Layer
This firewall further develops the stateful filter. This advancement allows all network traffic to be controlled and manipulated right up to the application layer. A packet is permitted or dropped based on the application information. Addition protection is achievable as the firewall can control the execution of applications and in turn block malicious code from being executed.
Breakdown:
Let us use a metaphor to make the above make more sense. Imagine a passenger arriving at an airport. The airport is the network destination and the customs officer is the firewall. With packet filtering, the customs officer only checks the passenger’s country of origin (source network). The customs officer has a list of countries of origin that are permitted access. If the passenger originates from a country that has a travel ban, they are refused entry (packet rejected/ dropped).
Stateful filters adds extra checks to the process. Does the passenger have the right visa for example? The passenger is denied entry without an appropriate visa. They may have originated from a country that is permitted entry, however they didn’t pass all the checks as they did not have a valid visa.
The Application Layer firewalls make the querying more rigorous. Looking at the passenger’s country of origin and determining if they have the right visa is not enough. The customs officer needs to analyse the passenger’s intentions and reasons to enter the country. The passenger is thoroughly scrutinized to determine if it is safe to allow them to enter.
Closing Note:
If any of the above content has left you questioning how secure your network is, then feel free to get in touch. Maybe you would just like a chat to clarify how a firewall could help you. Whatever the situation is, Bang IT Solutions are here to help.
If you would like to speak to a security specialist today, please call us on 1300 770035. Alternatively, send an email to security@bangitsolutions.com.