What is a Firewall? | How it works?

A firewall is a protection system that acts as a filter for data entering or leaving a network or computer over the Internet. You can think a  firewall as a security guard that decides who will enter or exit a building.

These Firewalls have been a first line of defense in network security for several years. They establish a barrier between secured and controlled internal networks that can be trusted with a untrusted outside networks, such as the Internet. It allows or restricts the traffic based on a defined set of security rules. Firewalls are commonly used to help prevent unauthorized access to both company and home networks. A firewall can be hardware based, software based or both.

Types of firewalls based on physical appearance

These are available in two types in terms of physical appearance software and hardware firewall.

Software firewalls

This type of firewall is a piece of program which is designed to protect a computer by blocking certain programs and traffic from sending and receiving information from a local network or the Internet. In windows by default a firewall is embedded with operating system which restricts the computer from getting unwanted traffic.

Hardware firewalls

These types of firewall will look like a router or network switch. It is used in big organizations to protect from unwanted traffic. These are mostly placed in data centers and 90% of the traffic passes through these firewall. These are configured manually as per the requirement.

Types of firewalls

Proxy firewall

This is one of the oldest type of firewall device which is still available and used. A proxy firewall serves as the gateway from one network to another for a specific application. Proxy firewalls also provide additional functionality such as content caching and security by preventing direct connections from outside the network.

Proxy firewalls act as mediator as it accept all traffic requests coming into the network by pretending to be the actual recipient of the traffic within the network. Post verification, if the firewall decides to grant access, the proxy sends traffic to the destination computer. Again the destination computer’s reply traffic is sent back to the proxy, which repackages the information with the source address of the proxy server. In this process, the proxy terminates the connection between two computers so that the internal computers can be secured and the proxy firewall responds to the outside world.

Stateful inspection firewall

These firewall allows or blocks traffic based on 3 parameters which are state, port, and protocol. It classifies traffic by looking at the destination port and it monitors all activity from the opening of a connection until it is closed.

These features add more accessibility to access control. They have the ability to allow or reject access based on port and protocol. After receiving a packet the firewall checks if a connection has already been established previously or if the request for the incoming packet has been made by an host internally. If nothing is found then, the packet’s access is done based on rule set in security policy.

Stateful firewall filtering is scalable and transparent to users. This provides an extra layer of protection which adds complexity to network security infrastructure.

Unified threat management (UTM) firewall

An UTM gadget normally consolidates, in an approximately coupled manner, the elements of a stateful assessment firewall with interruption aversion and antivirus. It might likewise incorporate extra administrations and regularly cloud administration. UTMs concentrate on straightforwardness and usability.

Brought together Threat Management (UTM) arrangements were at first characterized as the union of stateful investigation firewalls, antivirus, and IPS into a solitary apparatus. After some time, the UTM definition has extended to incorporate numerous other system security capacities.

Note that the accomplishment of UTMs depends on the adequacy of the stateful assessment based firewall choice that goes before the majority of its segment capacities. This is on account of UTM segments, while in a solitary gadget, are successfully downstream security administrations. In this manner, the workload of all security parts inside the system will be controlled by the quality of its entrance control. In spite of the fact that UTMs give various security works in a single item, the key access control innovation stays unaltered.

Next-generation firewall (NGFW)

Firewalls have developed past basic parcel sifting and stateful investigation. Most organizations are sending cutting edge firewalls to piece present day dangers, for example, progressed malware and application-layer attacks. Next-age firewalls (NGFWs) were made in light of the developing refinement of uses and malware. Application and malware designers have to a great extent outsmarted the long-standing port-based characterization of activity by building port avoidance procedures into their projects. Today, malware piggybacks these applications to enter organizes and turned out to be progressively arranged themselves (associated with each other on the PCs they separately tainted).

NGFWs go about as a stage for arrange security strategy authorization and system movement review. Per innovation examine firm Gartner Inc., They are characterized by the accompanying characteristics:

Standard abilities of the original firewall: This incorporates bundle sifting, stateful convention examination, arrange address interpretation (NAT), VPN network, and so on.

Genuinely incorporated interruption avoidance: This incorporates bolster for both powerlessness confronting and danger confronting marks, and proposing standards (or making a move) in light of IPS action. The whole of these two capacities teaming up by means of the NGFW is more noteworthy than the individual parts.

Full stack perceivability and application ID: Capacity to uphold strategy at the application layer autonomously from port and convention.

Additional insight: Capacity to take data from outside sources and settle on enhanced choices. Illustrations incorporate making boycotts or whitelists and having the capacity to delineate to clients and gatherings utilizing dynamic registry.

Flexibility to the cutting edge danger scene: Bolster overhaul ways for combination of new data sustains and new systems to address future dangers.

While these abilities are progressively turning into the standard for most organizations, NGFWs can accomplish more.

Threat-focused NGFW

These firewalls incorporate every one of the capacities of a conventional NGFW and furthermore give propelled risk recognition and remediation. With a danger centered NGFW you can:

  • Know which resources are most at risk with finish setting mindfulness
  • Rapidly respond to attacks with wise security computerization that sets arrangements and solidifies your barriers progressively
  • Better distinguish shifty or suspicious activity with system and endpoint occasion connection.
  • Extraordinarily diminish the time from location to cleanup with review security that consistently screens for suspicious movement and conduct even after introductory assessment.
  • Straightforwardness organization and lessen complexity with brought together strategies that ensure over the whole assault continuum.

Arabindo Biswas

Arabindo is a owner of this website and a server admin by profession. He has deep interest in all technology topics whatsoever.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.