Firewall
What is a firewall ?
A firewall is a network security tool whose main purpose is to monitor incoming and outgoing network communications and report that some of them cross or block them based on a specific set of security rules. Firewalls create a barrier between controlled and trusted internal networks and unreliable outside the network, such as the Internet. A firewall can be in the form of hardware or software, or both. Firewalls work to prevent unauthorized Internet users from accessing private networks connected to the Internet, particularly internal networks known as Intranet. All incoming or outgoing network communications over the private network must pass through the firewall for the purpose of checking them and making sure that they are free of any harmful content and thus allow their passage and block the harmful ones that do not comply with the specified security standards. That is, the firewall is a filter and filter.
Software Firewalls : These programs are designed to protect the computer by blocking some programs from sending and receiving information from the local network or the Internet. A famous example of a program for firewalls is the Windows Firewall, which comes integrated with the Windows software from the Windows company.
Hardware Firewalls : These hardware are found in most network routers and can be set up via the Router Setup Screen. An example of this equipment is ZyXEL from ZyWALL which is a unified security gateway that comes with a firewall and other security features.
How does a firewall work?
The firewall analyzes the incoming data traffic based on predefined rules as mentioned previously and filters the incoming traffic from unsecured or suspicious sources to prevent attacks. Firewalls protect data traffic at the data entry point in a computer, called the port, at which information is exchanged with external devices. For example: My source address 172.18.1.1 is allowed to reach the destination 172.18.2.1 via carrier 22.
It's more like houses and rooms. Considering that IP addresses are homes and vectors are the rooms in the house, only trusted people (source addresses) are allowed to enter the home (target address) and then are filtered again so that only people in the house are allowed to enter specific rooms (target vectors) Depending on whether they are homeowners, children, or guests. The owner of the house is allowed to enter any room (i.e. the carrier) while children and guests only enter specific rooms (specific buses).
Types of firewalls
1- Proxy Firewall : It is an old type of firewall. The Proxy Firewall acts as a gateway to enter the gateway between one network and another for a specific application. Proxy servers can provide additional functionality such as content caching as well as security by preventing direct connections from outside the network. This type can affect production capabilities and the applications it supports.
2- Stateful Inspection Firewall : means the inspection firewall, and this type is considered as a “traditional” firewall. This type of firewall permits or blocks traffic or communications based on state, carrier, and protocol. He monitors all activities from the first moment of contact to begin until it is closed and makes liquidation decisions based on the rules set by the director as well as the "context". Context is the use of information from past connections and packets of the same connection.
3- UTM Firewall : This acronym stands for Unified Threat Management, which means unified management to deal with threats. A UTM firewall usually combines the functionality of a firewall and antivirus software. It can include some additional services such as managing cloud services. UTM Firewalls focus on simplicity and ease of use.
4- Next-generation Firewall : It means the future firewall and this type is referred to by the abbreviation NGFW, which is an advanced firewall that is not only for filtering packages or for checking the condition. Most companies employ these sophisticated types of firewalls to block modern threats such as sophisticated malware and application attacks. These types of firewalls are required to include:
- Capabilities of a modular firewall as state inspection.
- Integrated intrusion prevention capability
- Application awareness and control to see and block dangerous applications
- Upgrade tracks and feed them future information
- Technology to address escalating security threats
Comments
Post a Comment