What Does a Firewall Do?


When your private information is under threat, a firewall is your first line of defense. It is a tool used to filter network traffic between your home/company network and the internet.

Author: Ian Musyoka
Category: Hardware
Author: Ian Musyoka
Category: Hardware



What Does a Firewall Do?

Before I started writing this, I was thinking to myself, “Who really needs a firewall?” As it turns out, most of us do. If your personal or company computer is connected to the internet, your network is always exposed to threats and risks. This means that you most likely want to protect your device. 

When your private information is under threat, a firewall is your first defense system. It is a tool that is used to filter network traffic between your home or company network, and the internet. A computer network firewall performs similar functions to the firewall of a building. In case you do not know, a building firewall is used to prevent the spread of fire by assembling a wall with a fire-resistance duration. Just as the concrete firewall protects one side of the building, computers on the other side will not be affected when something bad happens to one side of it. 

 

How Do Firewalls Work?

Firewalls are an extra barrier of protection on top of other measures, such as anti-malware software. However, software and hardware firewall systems operate in slightly different ways. 

Hardware firewall systems filter information from the internet as it passes through into the computer. Hardware firewalls are also independent of the computer they protect. By examining the data flow from the internet to the computer, they are able to check whether the information is safe. Through a firewall technique known as packet filtering, the data is examined for information such as source and location. A list of permissions is then used to compare the gathered information. This list will determine if the information will be dropped or let through. 

Home-use hardware firewalls analyze the data coming into a computer and disregard the data that leaves. This is a major drawback. Often, malicious software can be disguised as a Trojan horse and be sent through the internet. This may give the illusion that the information came from a trusted source when it is actually damaging software in disguise. In addition, some attacks can lead to your computer becoming a zombie, which will then start broadcasting data. Therefore, because the outgoing information is not detected by a hardware firewall, rising traffic will not be considered.

These firewalls require little or no setup making them beneficial for small businesses and homes. Furthermore, patching multiple computers into the same router will still protect them. An advancement in hardware firewalls will give them the ability to analyze more data. 

What Does a Firewall Do?

A software firewall must be installed in order to protect your computer from unauthorized access. Software firewalls have two advantages over hardware firewalls. The first advantage is that software firewalls can monitor outgoing information. This will counter the possibilities of your computer being turned into a zombie and prevent it from being used to broadcast other malware such as viruses and worms.  

Software firewalls can be customized-this is the second advantage. This gives you the ability to adjust the permissions in case you want to do something that might not be permitted by the firewall. Software firewalls only protect one computer; that is their main disadvantage. A licensed firewall product is required for every computer. On the contrary, a hardware firewall protects any computer that has been attached to it. 

Types of Firewalls

The following different types of firewalls exist:

  • Web application firewall: This is a server plug-in, a hardware appliance or a software filter that uses a set of HTTP rules to hold conversations. These rules can be customized to the application to identify and block many attacks.
    • Circuit-level gateway implementation: This is the process of applying security mechanisms when a UDP (User Datagram Protocol) or TCP (Transmission Control Protocol) connection is initiated. Upon the establishment of a connection, unscrutinized packet flow can proceed between the hosts. 
    • Proxy server: A gateway between the internet and a computer is called a proxy server. It hides the real network identity of the computers connected to it. When a proxy server is connected to the internet, it makes the necessary connections and requests and receives this information in place of the computer. 
  • Packet filtering:  the packet filtering system examines the packet leaving or entering the network, and reject or accept them based on the rules defined by the user. Although it is difficult to configure, the process is fairly transparent and effective for users. However, it is vulnerable to IP spoofing. 

Many firewalls use more than one of these techniques. In systems such as Windows and Mac OS, the computer already has an in-built firewall. Several third-party firewall packages exist such as Norton personal firewall, Zone Alarm, McAfee personal firewall, Tiny and Black Ice Protection, among others. 

What Does a Firewall Do?

Which Firewall Is Best for Me?

When you go to the clothing store, the salesperson is likely to convince you that there is a size that fits all. Being the smart consumer that you are, you know that is not true. Similarly, there is no size of firewall that works well for every organization. The type of firewall you need depends on your management and protection requirements. Firewalls normally fall into one of the following categories: 

  • Personal firewalls: Most times, personal software exists as an installed piece on a single computer that protects just one device. Other times, they may come as a separate hardware entity or built into a network device to protect one, or a small number of computers. They have limited management and reporting features. 
    • Small organization/ departmental firewalls: These types of firewalls were designed to protect the computers in a limited size office location. They can screen the computer network traffic for a limited number of devices. Also, their management and reporting capabilities work effectively for this job. 
  • Enterprise firewalls: These types of firewalls are good for very large organizations, including those with users that are geographically dispersed. They have consolidated reporting capabilities for multiple firewalls. The management tools give you the ability to set up multiple firewalls at a go. 

Why Do You Need a Firewall?

Having a firewall will protect you from intruders who will try to access your computer remotely. Imagine the shock you will experience when you see your computer mouse is being moved around the monitor by an intruder. If your firewall is configured correctly, it should have the remote access feature disabled to prevent intruders from taking over your device. 

In the history of video games, the most significant development “is” online gaming. However, it has potential risks. A lot of malware targeting online gamers is lurking on the web, hiding in compromised on unsecured game servers. Although game developers keep their server security tight, it is always a good idea to ensure your firewall is enabled before you start playing online games. This will block any attempt by hackers to access your system.

Although it is constantly mentioned that a firewall blocks hackers and different types of malware, its functionality is not limited to that. Apart from protecting your personal files from ransomware,  firewall applications have a feature of blocking certain online locations. You can use this feature to block immoral or unsuitable content. 

A firewall should not be your only security measure. While a firewall is known to block backdoor access of Trojans, there is a likelihood that this can be bypassed. You should always use multiple methods to check the security of your internet connection. Firewalls cannot deal with keyloggers, worms, viruses, and other malware. This is why it is advised to use other anti-malware tools in conjunction with firewalls. 

What Does a Firewall Do?

Limitations of Firewalls

Although it is always advised to keep a firewall as part of a security strategy, it can have the following limitations: 

  • Firewalls cannot prevent internal users from visiting sides with malicious code.
  • If you have a flimsy security policy, a firewall will not be able to protect you.
  • If an attacker is using a modem, a firewall will not prevent them from dialing in or out of the network. 
  • Firewalls do not prevent misuse of passwords or enforce password policies.
  • Non-technical security risks such as social engineering cannot be stopped by a firewall.
  • Firewalls do not protect users from poor decisions. 

Conclusion

A firewall is a tool that is used to filter network traffic between the internet and your home or work computer. When the security of your private information is under threat, a firewall is your first line of defense. Hardware firewalls filter information coming into your computer from the internet while software firewalls filter both the information coming into and/or leaving your computer. Hardware firewall systems are independent of the devices they protect, while software firewall systems must be installed in a computer in order to protect it. Your management and protection requirements determine the type of firewall you need. A firewall should not be your only security measure- you should use it in conjunction with other security tools.

HELP!





OTHER RESOURCES

komar, b., beekelaar, r., & wettern, j. (2003). firewalls for dummies (2nd ed.). new york: wiley publishing.

vacca, j. r., & ellis, s. (2005). firewalls: jumpstart for network and system administrators. chicago, california: elsevier digital press.

klevinsky, t. j., & laliberte, s. (2004). hack i.t.: security through penetration testing (vol. 4th). indianapolis: addison-wesley professional.

riggs, c. (2004). network perimeter security: building defense in-depth. boca raton: crc press.

stewart, m. j. (2014). network security, firewalls and vpn's (2nd ed.). burlington: jones and bartlett learning.