Network Firewalls

Network firewalls are security devices used to stop or mitigate unauthorized access to private networks connected to the Internet, especially intranets. The only traffic allowed on the network is defined via firewall policies — any other traffic attempting to access the network is blocked. Network firewalls sit at the front line of a network, acting as a communications liaison between internal and external devices.

A network firewall can be configured so that any data entering or exiting the network has to pass through it — it accomplishes this by examining each incoming message and rejecting those that fail to meet the defined security criteria. When properly configured, a firewall allows users to access any of the resources they need while simultaneously keeping out unwanted users, hackers, viruses, worms or other malicious programs trying to access the protected network.

Software vs. hardware firewalls

Firewalls can be either hardware or software. In addition to limiting access to a protected computer and network, a firewall can log all traffic coming into or leaving a network, and manage remote access to a private network through secure authentication certificates and logins.

  • Hardware firewalls: These firewalls are released either as standalone products for corporate use, or more often, as a built-in component of a router or other networking device. They are considered an essential part of any traditional security system and network configuration. Hardware firewalls will almost always come with a minimum of four network ports that allow connections to multiple systems. For larger networks, a more expansive networking firewall solution is available.
  • Software firewalls: These are installed on a computer, or provided by an OS or network device manufacturer. They can be customized, and provide a lower level of control over functions and protection features. A software firewall can protect a system from standard control and access attempts, but it has trouble with more sophisticated network breaches.

A firewall is considered an endpoint protection technology. In protecting private information, a firewall can be considered a first line of defense, but it cannot be the only defense.

Firewall types

Firewalls are relied upon to secure home and corporate networks. A simple firewall program or device will sift through all information passing through the network — this process can also be customized depending on the needs of the user and the capabilities of the firewall. There are a number of major firewall types that prevent harmful information from passing through the network:

  • Application-layer Firewalls: This is a hardware appliance, software filter, or server plug-in. It layers security mechanisms on top of defined applications, such as FTP servers, and defines rules for HTTP connections. These rules are built for each application, to help identify and block attacks to a network.
  • Packet Filtering Firewalls: This filter examines every packet that passes through the network — and then accepts or denies it as defined by rules set by the user. Packet filtering can be very helpful, but it can be challenging to properly configure. Also, it’s vulnerable to IP spoofing.
  • Circuit-level Firewalls: This firewall type applies a variety of security mechanisms once a UDP or TCP connection has been made. Once the connection is established, packets are exchanged directly between hosts without further oversight or filtering.
  • Proxy Server Firewalls: This version will check all messages that enter or leave a network, and then hide the real network addresses from any external inspection.
  • Next Generation Firewalls (NGFW): These work by filtering traffic moving through a network — the filtering is determined by the applications or traffic types and the ports they are assigned to. These features comprise a blend of a standard firewall with additional functionality, to help with greater, more self-sufficient network inspection.
  • Stateful Firewalls: Sometimes referred to as third generation firewall technology, stateful filtering accomplishes two things: traffic classification based on the destination port, and packet tracking of every interaction between internal connections. These newer technologies increase usability and assist in expanding access control granularity — interactions are no longer defined by port and protocol. A packet’s history in the state table is also measured.

All of these network firewall types are useful for power users, and many firewalls will allow for two or more of these techniques to be used in tandem with one another.
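To make the packet filtering and stateful entries above concrete, here is an added illustration (not code from the original page): a toy stateless filter that judges each packet on its header fields alone, beside a stateful one that records connections opened from inside in a state table. The network prefixes, ports and the three sample packets are constructed; the last packet carries a forged source address and shows the IP spoofing weakness the packet filtering entry mentions, and how connection tracking removes the need to trust source addresses.

```python
from dataclasses import dataclass

INTERNAL = "10.0.0."    # protected network prefix (constructed)
PARTNER = "203.0.113."  # external network the stateless rules trust (constructed)

@dataclass(frozen=True)
class Packet:
    src: str            # source IP
    sport: int          # source port
    dst: str            # destination IP
    dport: int          # destination port
    syn: bool = False   # True for a TCP connection-opening packet

def stateless_filter(pkt: Packet) -> str:
    """Packet filtering: each packet is judged on its own header fields, first
    matching rule wins; with no memory, partner replies can only be admitted
    by trusting the (forgeable) source address."""
    rules = [
        (lambda p: p.src.startswith(INTERNAL), "allow"),                                # outbound
        (lambda p: p.src.startswith(PARTNER) and p.dst.startswith(INTERNAL), "allow"),  # from partner
        (lambda p: True, "deny"),                                                       # default deny
    ]
    return next(action for matches, action in rules if matches(pkt))

class StatefulFilter:
    """Stateful inspection: an outbound SYN records the connection in the state
    table; inbound packets are admitted only if they match a recorded connection."""
    def __init__(self) -> None:
        self.state = set()  # (src, sport, dst, dport) of connections opened from inside

    def filter(self, pkt: Packet) -> str:
        if pkt.src.startswith(INTERNAL):
            if pkt.syn:
                self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        # inbound: look up the reversed 4-tuple, not the claimed source address
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state:
            return "allow"
        return "deny"

# constructed traffic: client opens HTTPS to a partner host, partner replies,
# then a packet arrives carrying a forged partner source address
CLIENT_SYN = Packet("10.0.0.5", 51000, "203.0.113.7", 443, syn=True)
PARTNER_REPLY = Packet("203.0.113.7", 443, "10.0.0.5", 51000)
SPOOFED = Packet("203.0.113.200", 443, "10.0.0.8", 22)

def run_demo() -> dict:
    # returns {packet name: (stateless verdict, stateful verdict)} in arrival order
    stateful = StatefulFilter()
    samples = [("syn", CLIENT_SYN), ("reply", PARTNER_REPLY), ("spoofed", SPOOFED)]
    return {name: (stateless_filter(p), stateful.filter(p)) for name, p in samples}
```

Running `run_demo()` shows both filters passing the client's SYN and the genuine reply, while only the stateful filter denies the forged packet, because no inside host ever opened a connection matching it.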