
What Is A Firewall?: Network-Level Firewalls

A firewall monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on security rules. Firewalls can be hardware, software, or a combination. They establish a barrier between internal trusted networks and external untrusted networks like the Internet to prevent unauthorized access and malware while controlling communications. Firewall types include network-level packet filters, application-level proxies, unified threat management, and next-generation firewalls with more advanced capabilities.

Uploaded by

gaurav sharma

What Is a Firewall?

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to
allow or block specific traffic based on a defined set of security rules.
Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured
and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.
A firewall can be hardware, software, or both.
A firewall is a device installed between the internal network of an organization and the rest of the Internet. Connecting a computer to the Internet can create many problems for companies. First, most companies put a large amount of confidential information online, and such information should not be disclosed to unauthorized persons. Second, viruses, worms and other digital pests can breach security and destroy valuable data.
The main purpose of a firewall is to separate a secure area from a less secure area and to control communications between the two. A firewall can also control inbound and outbound communications on anything from a single machine to an entire network.
Software firewalls, also sometimes called personal firewalls, are on the other hand designed to run on a single computer. These are most commonly used on home or small office computers that have broadband access, which tend to be left on all the time.
A software firewall prevents unwanted access to the computer over a network connection by identifying and preventing communication over risky ports. Computers communicate over many different recognized ports, and the firewall will tend to permit these without prompting or alerting the user.

A firewall can serve the following functions:


1- Limit Internet access to e-mail only, so that no other types of information can pass between the intranet and the Internet.
2- Control who can telnet into your intranet (a method of logging in remotely).
3- Limit what other kinds of traffic can pass between your intranet and the Internet.
A firewall can be simple or complex, depending on how specifically you want to control your Internet traffic. A simple
firewall might require only that you configure the software in the router that connects your intranet to your ISP. A more
complex firewall might be a computer running UNIX and specialized software.
Firewall systems fall into two categories:
• network-level
• application-level
Network-Level Firewalls
A network-level firewall can be used as a packet filter. These firewalls examine only the headers of each packet of information passing to or from the Internet. The firewall accepts or rejects packets based on the packet’s sender, receiver, and port. For example, the firewall might allow e-mail and Web packets to and from any computer on the intranet, but allow telnet (remote login) packets to and from only selected computers.
A packet filter firewall maintains a filtering table that decides which packets are to be forwarded or discarded. A packet filter firewall filters at the network or transport layer.
As shown in the figure, the packets are filtered according to the following specifications:

1. Incoming packets from network 124.56.0.2 are blocked (* means any).
2. Incoming packets destined for any internal TELNET server (port 23) are blocked.
3. Incoming packets for internal host 156.255.7.8.8 are blocked.
4. Outgoing packets destined for an HTTP server (port 80) are blocked, i.e. employees of the organization are not allowed to browse the Internet and cannot send any HTTP request.
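
The filtering table above, written out as a first-match rule list over packet headers (an added example, not part of the original document). Two things are assumptions: packets that match no rule are forwarded, because the table lists only blocks, and the address 192.0.2.8 stands in for the internal host of rule 3, because the address printed there is not a valid IPv4 address.

```python
import ipaddress
from typing import NamedTuple, Union

ANY = "*"  # wildcard, as in the table's "* means any"

class Rule(NamedTuple):
    direction: str              # "in" or "out"
    src: str                    # address/prefix or ANY
    dst: str                    # address/prefix or ANY
    dst_port: Union[int, str]   # port number or ANY
    note: str

# Assumption: stand-in for the internal host of rule 3 (RFC 5737 documentation range).
INTERNAL_HOST = "192.0.2.8/32"

# Block rules in the order the page lists them.
FILTER_TABLE = [
    Rule("in", "124.56.0.2/32", ANY, ANY, "rule 1: blocked source"),
    Rule("in", ANY, ANY, 23, "rule 2: inbound TELNET"),
    Rule("in", ANY, INTERNAL_HOST, ANY, "rule 3: protected internal host"),
    Rule("out", ANY, ANY, 80, "rule 4: outbound HTTP"),
]

def addr_matches(pattern, addr):
    """True if addr falls inside pattern (a prefix) or pattern is the wildcard."""
    return pattern == ANY or ipaddress.ip_address(addr) in ipaddress.ip_network(pattern)

def filter_packet(direction, src, dst, dst_port, table=FILTER_TABLE):
    """Return ("drop", note) for the first matching rule, else ("forward", None)."""
    for rule in table:
        if (rule.direction == direction
                and addr_matches(rule.src, src)
                and addr_matches(rule.dst, dst)
                and rule.dst_port in (ANY, dst_port)):
            return "drop", rule.note
    # Assumption: anything the table does not block is forwarded.
    return "forward", None

# Constructed sample packets: (direction, source, destination, destination port)
SAMPLE_PACKETS = [
    ("in", "124.56.0.2", "192.0.2.20", 25),     # hits rule 1
    ("in", "198.51.100.7", "192.0.2.20", 23),   # hits rule 2
    ("in", "198.51.100.7", "192.0.2.8", 443),   # hits rule 3
    ("out", "192.0.2.20", "203.0.113.5", 80),   # hits rule 4
    ("in", "198.51.100.7", "192.0.2.20", 25),   # inbound mail, no rule matches
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(pkt, "->", filter_packet(*pkt))
```

Production rule sets normally end with an explicit default-deny rule; the default-forward here only mirrors the block-only table.
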
Application-Level Firewalls
These firewalls handle packets for each Internet service separately, usually by running a program called a proxy
server, which accepts e-mail, Web, chat, newsgroup, and other packets from computers on the intranet, strips off the
information that identifies the source of the packet, and passes it along to the Internet.
When the replies return, the proxy server passes the replies back to the computer that sent the original message. A proxy
server can also log all the packets that pass by, so that you have a record of who has access to your intranet from the
Internet, and vice versa.
Types of firewalls
Proxy firewall
An early type of firewall device, a proxy firewall serves as the gateway from one network to another for a specific
application. Proxy servers can provide additional functionality such as content caching and security by preventing direct
connections from outside the network. However, this also may impact throughput capabilities and the applications they
can support.
Stateful inspection firewall
Now thought of as a “traditional” firewall, a stateful inspection firewall allows or blocks traffic based on state, port, and
protocol. It monitors all activity from the opening of a connection until it is closed. Filtering decisions are made based on
both administrator-defined rules as well as context, which refers to using information from previous connections and
packets belonging to the same connection.
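
How connection context changes the verdict for otherwise identical headers, as an added example (not part of the original document). The class name, the one-flag model of a TCP segment and the sample addresses are assumptions made for illustration; state is dropped on the first FIN or RST, whereas production firewalls also track both halves of the close and idle timeouts.

```python
from dataclasses import dataclass, field

@dataclass
class StatefulFilter:
    allowed_out_ports: set                         # administrator-defined rule
    connections: set = field(default_factory=set)  # context: tracked flows

    def handle(self, direction, src, sport, dst, dport, flags=""):
        """Return "allow" or "drop" for one TCP segment."""
        if direction == "out":
            flow = (src, sport, dst, dport)
            if flow not in self.connections:
                # Only a SYN permitted by the rules may open a new connection.
                if flags != "SYN" or dport not in self.allowed_out_ports:
                    return "drop"
                self.connections.add(flow)
        else:
            # An inbound segment is allowed only as the mirror of a tracked flow.
            flow = (dst, dport, src, sport)
            if flow not in self.connections:
                return "drop"
        if flags in ("FIN", "RST"):
            self.connections.discard(flow)  # connection closed: forget its state
        return "allow"

def demo():
    """Run a constructed segment sequence and return the verdicts in order."""
    fw = StatefulFilter(allowed_out_ports={443})
    client, server, other = "10.0.0.5", "203.0.113.10", "198.51.100.9"
    segments = [
        ("out", client, 50000, server, 443, "SYN"),     # opens the connection
        ("in", server, 443, client, 50000, "SYN-ACK"),  # reply to tracked flow
        ("in", other, 443, client, 50000, "ACK"),       # unsolicited, no state
        ("out", client, 50000, server, 443, "FIN"),     # closes the connection
        ("in", server, 443, client, 50000, "ACK"),      # arrives after state is gone
        ("out", client, 50001, server, 23, "SYN"),      # port not permitted by rule
    ]
    return [fw.handle(*seg) for seg in segments]

if __name__ == "__main__":
    print(demo())
```
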
Unified threat management (UTM) firewall
A UTM device typically combines, in a loosely coupled way, the functions of a stateful inspection firewall with intrusion
prevention and antivirus. It may also include additional services and often cloud management. UTMs focus on simplicity
and ease of use.
Next-generation firewall (NGFW)
Firewalls have evolved beyond simple packet filtering and stateful inspection. Most companies are deploying next-generation firewalls to block modern threats such as advanced malware and application-layer attacks.
According to Gartner, Inc.’s definition, a next-generation firewall must include:
• Standard firewall capabilities like stateful inspection
• Integrated intrusion prevention
• Application awareness and control to see and block risky apps
• Upgrade paths to include future information feeds
• Techniques to address evolving security threats
While these capabilities are increasingly becoming the standard for most companies, NGFWs can do more.
Threat-focused NGFW
These firewalls include all the capabilities of a traditional NGFW and also provide advanced threat detection and remediation. With a threat-focused NGFW you can:
• Know which assets are most at risk with complete context awareness
• Quickly react to attacks with intelligent security automation that sets policies and hardens your defenses dynamically
• Better detect evasive or suspicious activity with network and endpoint event correlation
• Greatly decrease the time from detection to cleanup with retrospective security that continuously monitors for suspicious activity and behavior even after initial inspection
• Ease administration and reduce complexity with unified policies that protect across the entire attack continuum
