The over-25-year-old firewall is the first line of defense for network security. It forms a barrier between internal networks (secure and controlled) and external networks that may or may not be trusted, such as the Internet. In this article, we see what it is, what it is for and what applications it is.
Translated from English, it means “firebreak”. It is, in fact, a very important component of computer security, comparable to a wall built inside a building to limit the spread of fires.
What Is A Firewall
The firewall is, therefore, a system or group of systems that operate access control on network traffic, unlike a router that only directs network traffic. Once you define the connectivity levels you want to provide, it ensures that no access beyond those already defined is allowed. It also ensures that all network users respect the access control policy.
Computer firewalls perform the same function: they control data traffic in both directions to prevent fire (the entry or exit of connections dangerous to the system) from causing damage.
If you are using a Windows or macOS operating system, your computer is protected by an internal firewall.
What Is A Firewall For?
Like other network devices, firewalls have the task of controlling network traffic. However, unlike other network devices, they have to monitor the traffic, realizing that not all data packets they see may be what they seem.
They operate on the assumption that hosts might try to trick them into fraudulently capturing information. The firewall cannot use communication rules as support but must assume that the rules are being followed. This eventuality greatly influences the design of firewalls, which must take into account every possibility.
When Do You Use A Firewall?
Firewalls are typically used to control access between an internal and external network, typically the Internet. However, there are several other situations in which they are used. They can, for example, be used to control access via modem calls, for external connections to remote business partners, or even to control traffic within a network, dividing it into internally controlled areas.
What Does The Firewall Do In The Network?
In information technology and computer networks, a firewall is a hardware and software component for the perimeter defense of a network, originally passive.
We can compare it to a filter that controls data traffic, blocking dangerous or unwanted transmissions based on a series of specific rules.
Most firewalls already have standard rules by default, the end user can add other customizations (rules), to manage their needs.
Of course, there are various types of firewalls, each of which analyzes certain characteristics of data transmissions.
The firewall sits between the external network (the world of the Internet) and the internal network of the company or home.
From a theoretical point of view, the internal network is considered known, safe, reliable and protected. At the same time, the external one is the presumed source of potential threats, as overall, it is unknown and insecure, not reliable.
Two Criteria For Applying The Rules
Most firewalls use one of these two rule enforcement criteria:
Only what is explicitly authorized is allowed, while the rest is forbidden.
Only what is explicitly forbidden is blocked, while the rest is allowed.
Default denial is the most used criterion because it guarantees greater security and greater precision in creating the rules.
For this reason, the first time you start an application connected to the Internet in Windows, the operating system shows you a message asking you to authorize or block its connection.
The second criterion allows for easier and faster configuration of the rules.
What Are The Types Of Firewalls?
Here are the main types:
With Packet Filter
On the net, data is transmitted using protocols, the most common being TCP/IP. The data set is divided into “packets”. The sender contacts the receiver and sends reply packets when the receiver accepts the connection.
Each packet has a label called a header containing various pieces of information that allow the recipient to reconstruct the original data sent, including IP addresses, destination port and related transmission protocol. This type of firewall (packet filter) analyzes the data contained in these labels, makes a comparison with the set filtering rules and decides whether to block or let the connection pass quietly.
This type is reliable but is limited because it is exposed to several modern threats, such as IP spoofing (IP substitution).
These limitations were addressed by creating firewalls that also monitor the state of the connection.
Connection Status Analysis
This type of firewall, “stateful inspection”, analyzes the data packets, the state of the connection, the ports used on the various connected computers, and the transmission protocols. To date, this type is considered an industry standard, and most firewall applications/software implement its features.
At The Application Level
Dedicated to a single application, they act as intermediaries in data communication between it and the external network.
They perform deeper analysis and can block connections in real-time. They are enterprise-level solutions when the level of security required is very high and powerful devices are available, which are not affected by the slowdown caused by the firewall activity.
Next Generation Firewalls
Known as a “next-generation firewall,” this type has intrusion and prevention capabilities with application monitoring. These are software for companies or people with special needs; they require supervision by expert personnel and are compared to an anti-theft system for a building.
Unified Threat Management (UTM)
They are integral cybersecurity systems that differ from next-generation firewalls because there are versions for medium-profile end users that are simple to use and cheaper.
The Panda Dome model includes a customizable firewall, VPN services and antivirus protection, and application control and management features.
When was the first firewall created?
To try to thwart intrusions, the first firewalls were introduced at the end of the 1980s. The first generation was packet filter firewalls or stateless firewalls, the first example developed in 1988 by Digital Equipment Corporation.
Who Created the First Firewall?
The first stateful firewall (also called a circuit-level gateway) was developed between 1989 and 1990 by AT&T Bell Laboratories.
Also Read: Ransomware, What To Expect In 2023