Firewall is an important and extensive tool for IT security. Writing about firewalls in depth is one of my targets for this blog on IT security. So, to set the ball rolling I’ll start with the basics of firewalls . For today I’ll start the discucssion with firewall basics.
The important part of firewall basics are, so I’ll answer the four basic questions:
- What is A Firewall
- What is The Need of Firewalls.
- What Are Basic Firewall Technologies.
- What Are Firewall Capabilities.
- What Are Firewall Limitations.
What is A Firewall
A firewall is a protection layer between your server on internet and rest of the internet world. This way it helps to protect your server from external attacks from internet. It also helps to avoid unnecessary traffic to your server on internet.
What is The Need of Firewalls
The growth of internet is increasing the security risks as well. The time comes when you have to connect your server to the internet for live services like email, webservices and several others. At this time::
- People should access only specific services at your server on internet. You want to block rest of the traffic to your server.
- You want to protect your server and hence network from external threats like hackers.
- You want to block internal users to access only specific services outside of your network.
- You want to restrict the type of information the users can access from internet.
- You want to protect unauthorized users to access information inside your network.
What Are Basic Firewall Technologies
There are several firewall technologies out there. The type of services are:
- Packet filtering The one of the most basic types of firewall technologies. This helps to filter the type of traffic which can pass through the firewall.
- Application Gateway/ProxyThe application gateway or application proxy is a software which runs on a firewall and intercepts the traffic for a particular application. It acts as a middleman. The internal user will connect to the application gateway and application gateway connects the user to the requested server. Similarly external user connects to the application gateway and the gateway connects the user to some server inside you network. This way certain features of the application can be allowed or disallowed as per your security policy.
- Other TechnologiesDMZ(Demiliterized zones), secrificial hosts, hardware firewalls, software firewalls and so on. In later articles I’ll be discussing each one in quite detail.
What Are Firewall Capabilities
The firewalls have various capabilities and can act as swiss army knife for you if you know the nitty-gritty of firewalls.
The capabilities are discussed as below:
- It keeps internal network and servers safe from outer attacks. The information is hidden from outside network.
- It provides safety from insecure protocols.
- It provides log files as audit trails for whatever happened in past since the firewall was implemented. Specifically break-in attempts can be useful.
- It can provide the single point of contact from security point of view.
- It can provide Network Address Translation capability which means when a user access any service outside your network, their original IP address is not revealed to the outside world, instead your network’s external IP is revealed. So the process becomes transparent.
What Are Firewall Limitations
Along with capabilities, firewall has limitations too. The firewall limitations are discussed as below:
- No protection from internal hackers. The hackers inside your network can access various areas of your IT infrastructure. So, for the security in those areas, firewall won’t do anything.
- The viruses are controllable upto some extent, but lot of viruses pass through un-noticed.
- Just like virus traffic, trojans also pass through un-noticed. So, internal host level security is required to fight with those attacks.
- No protection from physical outages or social engineering attacks.
- Using a firewall is not a game for the poor players. You need to be knowledgeable about all these technologies to secure your network.
In the days to come, I am going to discuss firewalls in detail. Keep visiting and stay informed. Remember to bookmark this page and also subscribe to our newsletter for keeping in touch with IT security.