What is a Firewall?
A firewall is software or firmware that prevents unauthorized access to a network. It is a cybersecurity tool used to filter traffic on a network, and firewalls are an integral part of a comprehensive security framework for your network. A firewall inspects incoming and outgoing traffic using a set of rules to identify and block threats. The primary goal of a firewall is to block malicious traffic requests and data packets. You can use firewalls in both personal and enterprise settings, and many devices, including Mac, Windows, and Linux computers, come with one built in. A firewall can be deployed in hardware or software form, or as a combination of both.
How does a Firewall work?
The firewall acts as a border between your computer and the connected network. It monitors all incoming and outgoing packets of the network and evaluates them against rules written by people. These rules depend on the demands, requirements, and security policies defined by the organization, and they determine which packets the network allows and which it blocks. If a packet contains a threat or a set of threats described in the rules, that packet is not allowed. Although many policies are possible, the firewall defines these three default policies:
- Accept: This allows traffic to pass.
- Drop: Network packets are discarded directly.
- Reject: This blocks the traffic and, in addition, replies with an error message.
What Do Firewalls Do?
Firewalls are capable of performing the following tasks:
- Act as an intermediary
- Record and report on events
- Defend resources
- Manage and control network traffic
- Validate access
Types of Firewall
- Software Firewall
- Hardware Firewall
- Acting as a proxy server
- Circuit-level gateway implementation
- Packet filtering
- Next-Generation Firewall
- Stateful Inspection Firewalls
Software Firewall
A software firewall is any type of firewall that is installed on a computer rather than on a separate piece of hardware. It provides security because each individual network endpoint is isolated from the others. Windows Firewall is an example of a software firewall.
Hardware Firewall
Hardware firewalls are hardware devices, and most routers include one. A hardware firewall protects your computer from malicious traffic from external networks because that traffic is intercepted and blocked before it reaches the internal network. The Cisco ASA 5540 Series Firewall is an example of a hardware firewall.
Acting as a proxy server
A proxy server is like a gateway that hides the original network address of the computer that connects through it. The proxy server usually connects to the Internet, requests a connection to the page's server, and retrieves the data on behalf of the computer.
Circuit-level gateway implementation
A circuit-level gateway usually works at the session layer of the OSI model and checks whether the TCP 3-way handshake is valid according to the rules. It is highly efficient, but it does not check the packets themselves. So if malware is present in a packet that passes the TCP handshake test, it will pass through the firewall, and the device will be at risk.
Packet filtering
The packet filtering firewall is the oldest type. When a packet goes through this firewall, it checks the packet's source address, destination address, port number, and protocol without opening the packet. Packet filtering firewalls are suitable for low-budget networks. They operate at the network layer and are vulnerable to spoofing.
Next-Generation Firewall
Newly released firewalls are usually advertised as next-generation architecture. These firewalls share some common features: inspection of data packets, SSL/SSH inspection, protection against attacks over HTTP, and an IPS (Intrusion Prevention System, which works to automatically prevent attacks against your network). There is no proper definition of a next-generation firewall, so you should check the capabilities of a firewall before purchasing one.
Stateful Inspection Firewalls
Stateful inspection firewalls are also called dynamic packet filtering firewalls. Generally, a stateful inspection firewall tracks all open network connections and, when a new packet arrives, checks whether it belongs to an open connection. If it does, the packet is permitted. If the new packet does not belong to an open connection, the firewall checks it against the rules set for new connections.
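The packet filtering and stateful inspection behaviour described above, together with the Accept, Drop and Reject policies, as an added example that is not part of the original article. It is a simplified Python model: the class names, rules and addresses are constructed for illustration, and a real firewall also tracks TCP state and connection timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

@dataclass(frozen=True)
class Rule:
    action: str             # "accept", "drop" or "reject"
    src_net: str            # CIDR the source address must fall in
    dst_net: str            # CIDR the destination address must fall in
    dport: Optional[int]    # None matches any destination port
    proto: str = "tcp"
    def matches(self, p: Packet) -> bool:
        return (p.proto == self.proto and self.dport in (None, p.dport)
                and ip_address(p.src) in ip_network(self.src_net)
                and ip_address(p.dst) in ip_network(self.dst_net))

class StatefulFirewall:
    def __init__(self, rules, default="drop"):
        self.rules, self.default = rules, default
        self.connections = set()    # open connections, stored as flow tuples
    def filter(self, p: Packet) -> str:
        flow = (p.proto, p.src, p.sport, p.dst, p.dport)
        reverse = (p.proto, p.dst, p.dport, p.src, p.sport)
        # Stateful step: a packet of an already-open connection is permitted.
        if flow in self.connections or reverse in self.connections:
            return "accept"
        # Otherwise it is a new connection: the first matching rule decides.
        action = next((r.action for r in self.rules if r.matches(p)), self.default)
        if action == "accept":
            self.connections.add(flow)
        return action

# Constructed policy and traffic (private and documentation address ranges).
RULES = [Rule("accept", "10.0.0.0/8", "0.0.0.0/0", 443),   # inside -> HTTPS
         Rule("reject", "10.0.0.0/8", "0.0.0.0/0", 23)]    # telnet refused

def demo():
    fw = StatefulFirewall(RULES)
    out = Packet("10.0.0.5", 50000, "203.0.113.10", 443)
    reply = Packet("203.0.113.10", 443, "10.0.0.5", 50000)
    telnet = Packet("10.0.0.5", 50001, "203.0.113.10", 23)
    return [fw.filter(p) for p in (reply, out, reply, telnet)]
```

`demo()` returns `['drop', 'accept', 'accept', 'reject']`: the same inbound packet is dropped while no connection exists and accepted once the outbound connection has been opened.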