Firewall: Some Basic Ideas

On June 24, 2010, in Firewalls, by Ganesh Dutt Sharma

Firewall is an important and extensive tool for IT security. Writing about firewalls in depth is one of my targets for this blog on IT security. So, to set the ball rolling I’ll start with the basics of firewalls . For today I’ll start the discucssion with firewall basics.

The important part of firewall basics are, so I’ll answer the four basic questions:

  1. What is A Firewall
  2. What is The Need of Firewalls.
  3. What Are Basic Firewall Technologies.
  4. What Are Firewall Capabilities.
  5. What Are Firewall Limitations.

What is A Firewall

A firewall is a protection layer between your server on internet and rest of the internet world. This way it helps to protect your server from external attacks from internet. It also helps to avoid unnecessary traffic to your server on internet.

What is The Need of Firewalls

The growth of internet is increasing the security risks as well. The time comes when you have to connect your server to the internet for live services like email, webservices and several others. At this time::

  1. People should access only specific services at your server on internet. You want to block rest of the traffic to your server.
  2. You want to protect your server and hence network from external threats like hackers.
  3. You want to block internal users to access only specific services outside of your network.
  4. You want to restrict the type of information the users can access from internet.
  5. You want to protect unauthorized users to access information inside your network.

What Are Basic Firewall Technologies

There are several firewall technologies out there. The type of services are:

  1. Packet filtering The one of the most basic types of firewall technologies. This helps to filter the type of traffic which can pass through the firewall.
  2. Application Gateway/ProxyThe application gateway or application proxy is a software which runs on a firewall and intercepts the traffic for a particular application. It acts as a middleman. The internal user will connect to the application gateway and application gateway connects the user to the requested server. Similarly external user connects to the application gateway and the gateway connects the user to some server inside you network. This way certain features of the application can be allowed or disallowed as per your security policy.
  3. Other TechnologiesDMZ(Demiliterized zones), secrificial hosts, hardware firewalls, software firewalls and so on. In later articles I’ll be discussing each one in quite detail.

What Are Firewall Capabilities

The firewalls have various capabilities and can act as swiss army knife for you if you know the nitty-gritty of firewalls.

The capabilities are discussed as below:

  1. It keeps internal network and servers safe from outer attacks. The information is hidden from outside network.
  2. It provides safety from insecure protocols.
  3. It provides log files as audit trails for whatever happened in past since the firewall was implemented. Specifically break-in attempts can be useful.
  4. It can provide the single point of contact from security point of view.
  5. It can provide Network Address Translation capability which means when a user access any service outside your network, their original IP address is not revealed to the outside world, instead your network’s external IP is revealed. So the process becomes transparent.

What Are Firewall Limitations

Along with capabilities, firewall has limitations too. The firewall limitations are discussed as below:

  1. No protection from internal hackers. The hackers inside your network can access various areas of your IT infrastructure. So, for the security in those areas, firewall won’t do anything.
  2. The viruses are controllable upto some extent, but lot of viruses pass through un-noticed.
  3. Just like virus traffic, trojans also pass through un-noticed. So, internal host level security is required to fight with those attacks.
  4. No protection from physical outages or social engineering attacks.
  5. Using a firewall is not a game for the poor players. You need to be knowledgeable about all these technologies to secure your network.

In the days to come, I am going to discuss firewalls in detail. Keep visiting and stay informed. Remember to bookmark this page and also subscribe to our newsletter for keeping in touch with IT security.

Tagged with:
 

1 Response » to “Firewall: Some Basic Ideas”

Leave a Reply

 




More articles from the category: Firewalls


Proxy Firewall and Gateway Firewall: Introduction

The terms proxy firewall and gateway firewall are used synonymously. These firewalls help to maintain the transparency between the requester and server. As you know, the packet filter firewall inspects the headers of the packets, so it works at network transport layer. But to do inspection of packets at deeper level for better security, we need the proxy firewalls which works at application layer. Moreover, these firewalls are aware of the application protocol, so they provide better inspection capabilities.

Packet Filtering Firewall: An Introduction

The Packet Filtering Firewall is one of the most basic firewalls. The first step in protecting internal users from the external network threats is to implement this type of security. The first ever firewalls used were of packet filtering type only. As the trends of network threats started changing, so did the firewall building strategies. Most of the routers have packet filtering built-in, but the problem with the routers is that, they are difficult to configure and don’t provide extensive logs of the incidents. In my previous firewall tutorials I talked about firewall policies and few other things. That information is also used while designing such firewalls.

Firewall Security Policy

For network security there are some rules which we covered under security policy. The firewall policy is altogether different. We must say that security policy resides at conceptual level and firewall policy resides at technical implementation level and is a subset of security policy. Here I am going to discuss the firewall policy which covers theoretical implementation of network security policy.

Desired Security Policy For Firewall Implementation

For IT security when it comes to implementation of firewall, the planning comes first. The base of planning is the security policy for your organization. The firewall should be capable enough to protect the LAN resources from harms on internet. In a recent article on introduction to firewalls, I discussed about firewall basics. Now I’m going to discuss about the desired security policy for the firewall implementation for your network.

Firewall: Some Basic Ideas

Firewall is an important and extensive tool for IT security. Writing about firewalls in depth is one of my targets for this blog on IT security. So, to set the ball rolling I’ll start with the basics of firewalls . For today I’ll start the disucssion with firewall basics.