Introduction of Firewall in Computer Network
Last Updated :
04 Feb, 2025
A firewall is a network security device either hardware or software-based which monitors all incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects, or drops that specific traffic. It acts like a security guard that helps keep your digital world safe from unwanted visitors and potential threats.
- Accept: allow the traffic
- Reject: block the traffic but reply with an “unreachable error”
- Drop: block the traffic with no reply
A firewall is a type of network security device that filters incoming and outgoing network traffic with security policies that have previously been set up inside an organization. A firewall is essentially the wall that separates a private internal network from the open Internet at its very basic level.
Need For Firewall
Before Firewalls, network security was performed by Access Control Lists (ACLs) residing on routers. ACLs are rules that determine whether network access should be granted or denied to specific IP address. But ACLs cannot determine the nature of the packet it is blocking. Also, ACL alone does not have the capacity to keep threats out of the network. Hence, the Firewall was introduced. Connectivity to the Internet is no longer optional for organizations. However, accessing the Internet provides benefits to the organization; it also enables the outside world to interact with the internal network of the organization. This creates a threat to the organization. In order to secure the internal network from unauthorized traffic, we need a Firewall.
History of Firewalls
- Late 1980s: Jeff Mogul, Brian Reid, and Paul Vixie at Digital Equipment Corp (DEC) developed packet-filtering technology, laying the groundwork for firewalls by checking external connections before they reached internal networks.
- Late 1980s - Early 1990s: AT&T Bell Labs researchers, including Presotto, Sharma, and Nigam, developed the circuit-level gateway, a firewall that vetted ongoing connections without reauthorizing each data packet, paving the way for more efficient security.
- 1991-1992: Marcus Ranum introduced security proxies at DEC, leading to the creation of the Secure External Access Link (SEAL), the first commercially available application-layer firewall, based on earlier DEC work.
- 1993-1994: At Check Point, Gil Shwed pioneered stateful inspection technology, filing a patent in 1993. Nir Zuk developed a graphical interface for Firewall-1, making firewalls accessible and widely adopted by businesses and homes
Working of Firewall
- Firewall match the network traffic against the rule set defined in its table. Once the rule is matched, associate action is applied to the network traffic. For example, Rules are defined as any employee from Human Resources department cannot access the data from code server and at the same time another rule is defined like system administrator can access the data from both Human Resource and technical department.
- Rules can be defined on the firewall based on the necessity and security policies of the organization.
- From the perspective of a server, network traffic can be either outgoing or incoming. Firewall maintains a distinct set of rules for both the cases. Mostly the outgoing traffic, originated from the server itself, allowed to pass. Still, setting a rule on outgoing traffic is always better in order to achieve more security and prevent unwanted communication. Incoming traffic is treated differently.
- Most traffic which reaches on the firewall is one of these three major Transport Layer protocols- TCP, UDP or ICMP. All these types have a source address and destination address. Also, TCP and UDP have port numbers. ICMP uses type code instead of port number which identifies purpose of that packet.
Default policy: It is very difficult to explicitly cover every possible rule on the firewall. For this reason, the firewall must always have a default policy. Default policy only consists of action (accept, reject or drop). Suppose no rule is defined about SSH connection to the server on the firewall. So, it will follow the default policy. If default policy on the firewall is set to accept, then any computer outside of your office can establish an SSH connection to the server. Therefore, setting default policy as drop (or reject) is always a good practice.
Types of Firewall
Firewalls can be categorized based on their generation.
1. Packet Filtering Firewall
Packet filtering firewall is used to control network access by monitoring outgoing and incoming packets and allowing them to pass or stop based on source and destination IP address, protocols, and ports. It analyses traffic at the transport protocol layer (but mainly uses first 3 layers). Packet firewalls treat each packet in isolation. They have no ability to tell whether a packet is part of an existing stream of traffic. Only It can allow or deny the packets based on unique packet headers. Packet filtering firewall maintains a filtering table that decides whether the packet will be forwarded or discarded. From the given filtering table, the packets will be filtered according to the following rules:
- Incoming packets from network 192.168.21.0 are blocked.
- Incoming packets destined for the internal TELNET server (port 23) are blocked.
- Incoming packets destined for host 192.168.21.3 are blocked.
- All well-known services to the network 192.168.21.0 are allowed.
2. Stateful Inspection Firewall
Stateful firewalls (performs Stateful Packet Inspection) are able to determine the connection state of packet, unlike Packet filtering firewall, which makes it more efficient. It keeps track of the state of networks connection travelling across it, such as TCP streams. So the filtering decisions would not only be based on defined rules, but also on packet’s history in the state table.
3. Application Layer Firewall
Application layer firewall can inspect and filter the packets on any OSI layer, up to the application layer. It has the ability to block specific content, also recognize when certain application and protocols (like HTTP, FTP) are being misused. In other words, Application layer firewalls are hosts that run proxy servers. A proxy firewall prevents the direct connection between either side of the firewall, each packet has to pass through the proxy.
4. Next Generation Firewalls (NGFW)
NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many functionalities to protect the network from these modern threats.
5. Circuit Level Gateway Firewall
This works as the Sessions layer of the OSI Model's . This allows for the simultaneous setup of two Transmission Control Protocol (TCP) connections. It can effortlessly allow data packets to flow without using quite a lot of computing power. These firewalls are ineffective because they do not inspect data packets; if malware is found in a data packet, they will permit it to pass provided that TCP connections are established properly.
6. Software Firewall
A software firewall is any firewall that is set up locally or on a cloud server. When it comes to controlling the inflow and outflow of data packets and limiting the number of networks that can be linked to a single device, they may be the most advantageous. But the problem with software firewall is they are time-consuming.
7. Hardware Firewall
They also go by the name "firewalls based on physical appliances." It guarantees that the malicious data is halted before it reaches the network endpoint that is in danger.
8. Cloud Firewall
These are software-based, cloud-deployed network devices. This cloud-based firewall protects a private network from any unwanted access. Unlike traditional firewalls, a cloud firewall filters data at the cloud level.
Importance of Firewalls
So, what does a firewall do and why is it important? Without protection, networks are vulnerable to any traffic trying to access your systems, whether it's harmful or not. That's why it's crucial to check all network traffic.
When you connect personal computers to other IT systems or the internet, it opens up many benefits like collaboration, resource sharing, and creativity. But it also exposes your network and devices to risks like hacking, identity theft, malware, and online fraud.
Once a malicious person finds your network, they can easily access and threaten it, especially with constant internet connections.
Using a firewall is essential for proactive protection against these risks. It helps users shield their networks from the worst dangers.
What Does Firewall Security Do?
A firewall serves as a security barrier for a network, narrowing the attack surface to a single point of contact. Instead of every device on a network being exposed to the internet, all traffic must first go through the firewall. This way, the firewall can filter and block non-permitted traffic, whether it's coming in or going out. Additionally, firewalls help create a record of attempted connections, improving security awareness.
What Can Firewalls Protect Against?
- Infiltration by Malicious Actors: Firewalls can block suspicious connections, preventing eavesdropping and advanced persistent threats (APTs).
- Parental Controls: Parents can use firewalls to block their children from accessing explicit web content.
- Workplace Web Browsing Restrictions: Employers can restrict employees from using the company network to access certain services and websites, like social media.
- Nationally Controlled Intranet: Governments can block access to certain web content and services that conflict with national policies or values.
By allowing network owners to set specific rules, firewalls offer customizable protection for various scenarios, enhancing overall network security.
Advantages of Using Firewall
- Protection From Unauthorized Access: Firewalls can be set up to restrict incoming traffic from particular IP addresses or networks, preventing hackers or other malicious actors from easily accessing a network or system. Protection from unwanted access.
- Prevention of Malware and Other Threats: Malware and other threat prevention: Firewalls can be set up to block traffic linked to known malware or other security concerns, assisting in the defense against these kinds of attacks.
- Control of Network Access: By limiting access to specified individuals or groups for particular servers or applications, firewalls can be used to restrict access to particular network resources or services.
- Monitoring of Network Activity: Firewalls can be set up to record and keep track of all network activity.
- Regulation Compliance: Many industries are bound by rules that demand the usage of firewalls or other security measures.
- Network Segmentation: By using firewalls to split up a bigger network into smaller subnets, the attack surface is reduced and the security level is raised.
Disadvantages of Using Firewall
- Complexity: Setting up and keeping up a firewall can be time-consuming and difficult, especially for bigger networks or companies with a wide variety of users and devices.
- Limited Visibility: Firewalls may not be able to identify or stop security risks that operate at other levels, such as the application or endpoint level, because they can only observe and manage traffic at the network level.
- False Sense of Security: Some businesses may place an excessive amount of reliance on their firewall and disregard other crucial security measures like endpoint security or intrusion detection systems.
- Limited adaptability: Because firewalls are frequently rule-based, they might not be able to respond to fresh security threats.
- Performance Impact: Network performance can be significantly impacted by firewalls, particularly if they are set up to analyze or manage a lot of traffic.
- Limited Scalability: Because firewalls are only able to secure one network, businesses that have several networks must deploy many firewalls, which can be expensive.
- Limited VPN support: Some firewalls might not allow complex VPN features like split tunneling, which could restrict the experience of a remote worker.
- Cost: Purchasing many devices or add-on features for a firewall system can be expensive, especially for businesses.
Question: A packet filtering firewall can [ISRO CS 2013]
(A) Deny certain users from accessing a service
(B) Block worms and viruses from entering the network
(C) Disallow some files from being accessed through FTP
(D) Block some hosts from accessing the network
Answer: Option (D)
For more details you can refer ISRO | ISRO CS 2013 | Question 44 published quiz.
Similar Reads
Computer Network Tutorial
A Computer Network is a system where two or more devices are linked together to share data, resources and information. These networks can range from simple setups, like connecting two devices in your home, to massive global systems, like the Internet. Below are the main components of a computer netw
7 min read
Basics of Computer Network
Basics of Computer Networking
A computer network is a collection of interconnected devices that share resources and information. These devices can include computers, servers, printers, and other hardware. Networks allow for the efficient exchange of data, enabling various applications such as email, file sharing, and internet br
14 min read
Introduction to basic Networking Terminology
For a specific purpose if things are connected together, are referred to as a NETWORK. A network can be of many types, like a telephone network, television network, computer network, or even a people network. Similarly, a COMPUTER NETWORK is also a kind of setup, where it connects two or more device
4 min read
Goals of Networks
Computer Network means an interconnection of autonomous (standalone) computers for information exchange. The connecting media could be a copper wire, optical fiber, microwave, or satellite. Networking Elements - The computer network includes the following networking elements: At least two computers
4 min read
Basic Characteristics of Computer Networks
Computer networks allow multiple devices to connect and share resources like files, printers, and internet access. Key characteristics include the network's size (like local or wide area), the way data is transferred (wired or wireless), and the network's layout (such as star or mesh). These feature
5 min read
Challenges of Computer Network
In the age of Internet where everyone loves to work with their computers and smart phones it is impossible to think any work without networking. With advancement of technology use of computer networking is increasing rapidly. In general if we will see, we can feel also how important networking is th
4 min read
Physical Components of Computer Network
The physical components of a computer network include hardware devices and media that enable connectivity and data exchange between devices. The server, client, peer, transmission media, and connecting devices make up the hardware components. A computer network is made up of several computers connec
6 min read
Network Hardware and Software
Types of Computer Networks
A computer network is a system that connects many independent computers to share information (data) and resources. The integration of computers and other different devices allows users to communicate more easily. It is a collection of two or more computer systems that are linked together. A network
11 min read
LAN Full Form - Local area network
A Local area network (LAN) is a network that is used to link devices in a single office, building, or campus of up to a short distance. LAN is restricted in size. In LAN networks internet speed is from 10 Mbps to 100 Mbps (But now much higher speeds can be achieved). The most common topologies used
10 min read
How to Set Up a LAN Network?
LAN (Local Area Network) is a data communication network that locally connects network devices such as workstations, servers, routers, etc. to share the resources within a small area such as a building or campus. Physical or wireless connections are set up between workstations to share the resources
4 min read
MAN Full Form in Computer Networking
A Metropolitan Area Network (MAN) is a type of computer network that spans over a metropolitan area, typically a city. It provides high-speed data communication services such as video, audio, and data transfer between multiple LANs (Local Area Networks) and WANs (Wide Area Networks). The main purpos
9 min read
MAN Full Form
MAN stands for Metropolitan Area Network and it is made by connecting multiple LANs. MAN covers a geographical area which is known as the metropolitan area. It serves as a connection that is larger than LAN(Local Area Network) but smaller than WAN(Wide Area Network). It generally covers the area of
5 min read
WAN Full Form
A WAN (Wide Area Network) is to connect multiple smaller Local Area Networks (LANs). It is a computer network designed. WANs can help in communication, the sharing of information, and much more between systems or devices from around the world through a WAN provider. What is a WAN?WAN stands for Wide
5 min read
Introduction of Internetworking
Internetworking is composed of 2 words, inter and networking, which implies an association between totally different nodes or segments. This connection area unit is established through intercessor devices, such as routers or gateways. The first term for associate degree internetwork was Catenet. Thi
8 min read
Difference between Internet, Intranet and Extranet
Networks are crucial in today’s globalized world because they allow the acquisition, exchange, and organization of knowledge. Of all the first order networks the Internet, Intranet, and Extranet are commonly utilized for various applications. Every network type meets specific roles that are required
5 min read
Protocol Hierarchies in Computer Network
A Protocol Hierarchy is a fixed set of rules and conventions that govern the communication between two or more computers. The hierarchical structure allows for modular design, interoperability, and ease of implementation in computer networks. What is Protocol?A protocol is simply defined as a set of
3 min read
Network Devices (Hub, Repeater, Bridge, Switch, Router, Gateways and Brouter)
Network devices are physical devices that allow hardware on a computer network to communicate and interact with each other. Network devices like hubs, repeaters, bridges, switches, routers, gateways, and brouter help manage and direct data flow in a network. They ensure efficient communication betwe
9 min read
Introduction of a Router
Network devices are physical devices that allow hardware on a computer network to communicate and interact with one another. For example Repeater, Hub, Bridge, Switch, Routers, Gateway, Router, and NIC, etc. What is a Router?A Router is a networking device that forwards data packets between computer
12 min read
Introduction of Gateways
A gateway is a network connectivity device that connects two different configuration networks. Gateways are also known as protocol converters, because they play an important role in converting protocols supported by traffic on different networks. As a result, it allows smooth communication between t
5 min read
What is a Network Switch and How Does it Work?
The Switch is a network device that is used to segment the networks into different subnetworks called subnets or LAN segments. It is responsible for filtering and forwarding the packets between LAN segments based on MAC address. Switches have many ports, and when data arrives at any port, the destin
9 min read
OSI Model
What is OSI Model? - Layers of OSI Model
The OSI (Open Systems Interconnection) Model is a set of rules that explains how different computer systems communicate over a network. OSI Model was developed by the International Organization for Standardization (ISO). The OSI Model consists of 7 layers and each layer has specific functions and re
13 min read
Physical Layer in OSI Model
The physical Layer is the bottom-most layer in the Open System Interconnection (OSI) Model which is a physical and electrical representation of the system. It consists of various network components such as power plugs, connectors, receivers, cable types, etc. The physical layer sends data bits from
4 min read
Data Link Layer in OSI Model
The data link layer is the second layer from the bottom in the OSI (Open System Interconnection) network architecture model. It is responsible for the node-to-node delivery of data within the same local network. Its major role is to ensure error-free transmission of information. DLL is also responsi
5 min read
Session Layer in OSI model
The Session Layer is the 5th layer in the Open System Interconnection (OSI) model which plays an important role in controlling the dialogues (connections) between computers. This layer is responsible for setting up, coordinating, and terminating conversations, exchanges, and dialogues between the ap
6 min read
Presentation Layer in OSI model
Presentation Layer is the 6th layer in the Open System Interconnection (OSI) model. This layer is also known as Translation layer, as this layer serves as a data translator for the network. The data which this layer receives from the Application Layer is extracted and manipulated here as per the req
4 min read
Application Layer in OSI Model
The Application Layer of OSI (Open System Interconnection) model, is the top layer in this model and takes care of network communication. The application layer provides the functionality to send and receive data from users. It acts as the interface between the user and the application. The applicati
5 min read
TCP/IP Model
TCP/IP Model
The TCP/IP model (Transmission Control Protocol/Internet Protocol) is a four-layer networking framework that enables reliable communication between devices over interconnected networks. It provides a standardized set of protocols for transmitting data across interconnected networks, ensuring efficie
7 min read
TCP/IP Ports and Its Applications
A port is like a logical address for different types of internet communication. Each type of service (like websites or email) has its port where data is sent and received. You can think of it as a mailbox where messages are delivered. When data comes in, it goes to the right port (mailbox), and the
7 min read
What is TCP (Transmission Control Protocol)?
Transmission Control Protocol (TCP) is a connection-oriented protocol for communications that helps in the exchange of messages between different devices over a network. It is one of the main protocols of the TCP/IP suite. In OSI model, it operates at the transport layer(Layer 4). It lies between th
5 min read
TCP 3-Way Handshake Process
The TCP 3-Way Handshake is a fundamental process that establishes a reliable connection between two devices over a TCP/IP network. It involves three steps: SYN (Synchronize), SYN-ACK (Synchronize-Acknowledge), and ACK (Acknowledge). During the handshake, the client and server exchange initial sequen
6 min read
Services and Segment structure in TCP
The Transmission Control Protocol is the most common transport layer protocol. It works together with IP and provides a reliable transport service between processes using the network layer service provided by the IP protocol. The various services provided by the TCP to the application layer are as f
5 min read
TCP Connection Establishment
TCP (Transmission Control Protocol) is a core internet protocol that ensures reliable, ordered, and error-checked delivery of data between computers. It establishes a connection using a three-way handshake before data transfer begins, allowing both devices to synchronize and agree on communication p
4 min read
TCP Connection Termination
In TCP 3-way Handshake Process we studied that how connections are established between client and server in Transmission Control Protocol (TCP) using SYN bit segments. In this article, we will study how TCP close connection between Client and Server. Here we will also need to send bit segments to a
5 min read
TCP Timers
TCP uses several timers to ensure that excessive delays are not encountered during communications. Several of these timers are elegant, handling problems that are not immediately obvious at first analysis. Each of the timers used by TCP is examined in the following sections, which reveal its role in
3 min read
Fast Recovery Technique For Loss Recovery in TCP
When the RTO timer expires but an ACK is not received, the sender confirms that the packet is lost due to congestion at intermediary devices. Now sender has to tackle this congestion state carefully. Fast Recovery is the packet loss recovery technique. Recovery means becoming inactive and not transm
4 min read
Difference Between OSI Model and TCP/IP Model
Data communication is a process or act in which we can send or receive data. Understanding the fundamental structures of networking is crucial for anyone working with computer systems and communication. For data communication two models are available, the OSI (Open Systems Interconnection) Model, an
5 min read
Medium Access Control
MAC Full Form - Media Access Control
MAC refers to Media Access Control, which is an important issue in network technology. In simple words, MAC is a series of rules through which devices can transfer data among them in a network. When a device is connected to a network, it obtains a unique MAC address. It identifies a device connected
5 min read
Channel Allocation Problem in Computer Network
The Channel Allocation Problem arises in communication networks when multiple devices need to share a limited number of communication channels. The goal is to efficiently allocate channels to devices while avoiding interference, reducing congestion, and optimizing network performance. Channel alloca
4 min read
Multiple Access Protocols in Computer Network
Multiple Access Protocols are methods used in computer networks to control how data is transmitted when multiple devices are trying to communicate over the same network. These protocols ensure that data packets are sent and received efficiently, without collisions or interference. They help manage t
9 min read
Carrier Sense Multiple Access (CSMA)
Carrier Sense Multiple Access (CSMA) is a method used in computer networks to manage how devices share a communication channel to transfer the data between two devices. In this protocol, each device first sense the channel before sending the data. If the channel is busy, the device waits until it is
9 min read
Collision Detection in CSMA/CD
CSMA/CD (Carrier Sense Multiple Access/ Collision Detection) is a media access control method that was widely used in Early Ethernet technology/LANs when there used to be shared Bus Topology and each node ( Computers) was connected by Coaxial Cables. Nowadays Ethernet is Full Duplex and Topology is
7 min read
Controlled Access Protocols in Computer Network
Controlled Access Protocols (CAPs) in computer networks control how data packets are sent over a common communication medium. These protocols ensure that data is transmitted efficiently, without collisions, and with little interference from other data transmissions. In this article, we will discuss
6 min read
IP Addressing
What is IPv4?
IP stands for Internet Protocol version v4 stands for Version Four (IPv4), is the most widely used system for identifying devices on a network. It uses a set of four numbers, separated by periods (like 192.168.0.1), to give each device a unique address. This address helps data find its way from one
5 min read
What is IPv6?
The most common version of the Internet Protocol currently is IPv6. The well-known IPv6 protocol is being used and deployed more often, especially in mobile phone markets. IP address determines who and where you are in the network of billions of digital devices that are connected to the Internet. It
5 min read
Introduction of Classful IP Addressing
An IP address is an address that has information about how to reach a specific host, especially outside the LAN. An IP address is a 32-bit unique address having an address space of 232.Classful IP addressing is a way of organizing and managing IP addresses, which are used to identify devices on a ne
11 min read
Classless Addressing in IP Addressing
The Network address identifies a network on the internet. Using this, we can find a range of addresses in the network and total possible number of hosts in the network. Mask is a 32-bit binary number that gives the network address in the address block when AND operation is bitwise applied on the mas
7 min read
Classful vs Classless Addressing
Classful and Classless addressing are methods used in networking to manage IP addresses. Classful addressing divides IP addresses into fixed classes (A, B, C, D, E), each with predefined ranges. In contrast, classless addressing, also known as CIDR (Classless Inter-Domain Routing), offers more flexi
6 min read
Classless Inter Domain Routing (CIDR)
Classless Inter-Domain Routing (CIDR) is a method of IP address allocation and IP routing that allows for more efficient use of IP addresses. CIDR is based on the idea that IP addresses can be allocated and routed based on their network prefix rather than their class, which was the traditional way o
6 min read
Supernetting in Network Layer
Supernetting is the opposite of Subnetting. In subnetting, a single big network is divided into multiple smaller subnetworks. In Supernetting, multiple networks are combined into a bigger network termed a Supernetwork or Supernet. In this article, we'll explore the purpose and advantages of supernet
4 min read
Introduction To Subnetting
Subnetting is the process of dividing a large network into smaller networks called "subnets." Subnets provide each group of devices with their own space to communicate, which ultimately helps the network to work easily. This also boosts security and makes it easier to manage the network, as each sub
8 min read
Difference between Subnetting and Supernetting
Subnetting is the procedure to divide the network into sub-networks or small networks, these smaller networks are known as subnets. The subnet is also defined as an internal address made up of a combination of a small network and host segments. In a subnet, a few bits from the host portion are used
4 min read