What Is a Firewall? Overview
A firewall is a system designed to prevent unauthorized access to a private network by filtering the information that comes in from the internet. A firewall blocks unwanted traffic and permits wanted traffic. Its purpose is to create a safety barrier between a private network and the public internet, because out on the internet there will always be hackers and malicious traffic that may try to penetrate a private network to cause harm.
A firewall is the main component on a network for preventing attacks from hackers, and it is especially important to a large organization that has a lot of computers and servers. You don’t want all those devices accessible to everyone on the internet, where a hacker can come in and totally disrupt that organization. That’s why you need a firewall to protect them.
A firewall that’s used in computer networks is very similar to a firewall in a building structure. In fact, this is where the word ‘firewall’ came from. A firewall in a building structure provides a barrier so that, in the event of an actual fire on either side of the building, the fire is kept contained and cannot spread to the other side. The firewall is there to keep the fire from destroying the entire building. If the firewall weren’t there, the fire would spread to the other side and the whole building would be destroyed. A network firewall works in a similar way to a structural firewall.
It stops harmful activity before it can spread to the other side of the firewall and cause harm to a private network. In today’s high-tech world, a firewall is essential for every home, and especially for a business or an organization, to keep the network safe.
A firewall works by filtering incoming network data and determining, according to its rules, whether that data is allowed to enter the network. These rules are also known as an access control list. They are customizable and are determined by the network administrator, who decides not only what can enter a network but also what can leave it. Each rule either allows or denies permission.
As an example, here we have some rules in a firewall’s access control list. It shows a list of IP addresses that have been allowed or denied by this firewall. As you can see, traffic from some IP addresses is allowed to enter this network, but traffic from one IP address has been denied.
So if traffic from this IP address tries to get into this network, the firewall will deny it because of the rules that are set in the firewall. But the other IP addresses are granted access because the rules allow them. Firewalls don’t just make rules based on IP addresses; they can also make rules based on domain names, protocols, programs, ports,
Let’s say that in this example the firewall rules are controlling access by port number, and that the rules have allowed incoming data that’s using port numbers 80, 25, and 110. Data using those ports has been given access to this network.
So any incoming data that’s using those ports can pass through the firewall. But in this firewall, the rules have also denied any data that’s using port numbers 23 and 3389. The firewall will deny access to any incoming data that’s using those port numbers, and it won’t get past the firewall. In a nutshell, this is how firewalls basically work. Firewalls come in different types.
One type is called a host-based firewall, and this is a software firewall. This is the kind of firewall that is installed on a computer and it protects that computer only and nothing else.
For example, later versions of Microsoft operating systems come pre-packaged with a host-based firewall. You can see that example here.
There are also 3rd party host-based firewalls that can be purchased and installed on a computer. For example, Zone Alarm is a popular 3rd party host-based firewall. A lot of antivirus programs also have a built-in host-based firewall.
Another type of firewall is called a network-based firewall. A network-based firewall is a combination of hardware and software, and it operates at the network layer. It is placed between a private network and the public internet. But unlike a host-based firewall, which only protects the computer it is installed on, a network-based firewall protects the entire network. It does this through management rules that are applied to the entire network, so that any harmful activity can be stopped before it reaches the computers. Network-based firewalls can be a stand-alone product, which is mainly used by large organizations.
They can also be built in as a component of a router, which is what a lot of smaller organizations rely on, or they can be deployed in a service provider’s cloud infrastructure. Now, a lot of organizations will use both network-based and host-based firewalls.
They will use a network-based firewall to protect the network as a whole, and they will also use host-based firewalls to protect their individual computers and servers. Doing this ensures maximum protection, because if harmful data just so happens to get past the network firewall, the host-based firewalls on each computer will be there to stop it.
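The access control list matching and the network-plus-host layering described above can be sketched as follows; this is an added example, not code from the original page. It assumes first-match rule ordering and a default of deny for unmatched traffic. Only the port numbers come from the text: the IP addresses, the Rule class and the mail-server host rules are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:                          # hypothetical rule shape for this example
    action: str                      # "allow" or "deny"
    src: str = "0.0.0.0/0"           # source network in CIDR form
    port: Optional[int] = None       # destination port; None matches any port

    def matches(self, src_ip: str, dst_port: int) -> bool:
        in_net = ip_address(src_ip) in ip_network(self.src)
        return in_net and (self.port is None or self.port == dst_port)

def evaluate(acl, src_ip, dst_port, default="deny"):
    """Return the action of the first matching rule, else the default.
    First-match and default-deny are assumptions of this example."""
    for rule in acl:
        if rule.matches(src_ip, dst_port):
            return rule.action
    return default

# Constructed sample rules. The port numbers are the ones from the text;
# the IP addresses are documentation-range placeholders, not from the page.
NETWORK_ACL = [
    Rule("deny", src="203.0.113.7/32"),   # one blocked source address
    Rule("deny", port=23),
    Rule("deny", port=3389),
    Rule("allow", port=80),
    Rule("allow", port=25),
    Rule("allow", port=110),
]
# Hypothetical host-based firewall on a mail server: mail ports only.
MAIL_HOST_ACL = [Rule("allow", port=25), Rule("allow", port=110)]

def reaches_host(src_ip, dst_port,
                 network_acl=NETWORK_ACL, host_acl=MAIL_HOST_ACL):
    """Traffic must pass the network firewall, then the host firewall."""
    if evaluate(network_acl, src_ip, dst_port) != "allow":
        return False, "dropped at network firewall"
    if evaluate(host_acl, src_ip, dst_port) != "allow":
        return False, "dropped at host firewall"
    return True, "delivered"

if __name__ == "__main__":
    samples = [("198.51.100.10", 25), ("198.51.100.10", 80),
               ("198.51.100.10", 3389), ("203.0.113.7", 25)]
    for src, port in samples:
        print(src, port, reaches_host(src, port))
```

Port 80 traffic is allowed by the network firewall but stopped by the mail server's own firewall, which is the second layer the text describes.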