What is a Firewall? Explain Hardware and Software
Firewall
Firewall
Firewall
is a software or hardware or combination of both hardware and software. A
private network (LAN) connected to the internet is in high risk to intrusion by
unauthorized users on the internet. To protect the information from being leaked,
all the messages or communication entering or leaving the private network must
pass through a firewall which authenticates the traffic based on set policies
or security criteria.
Firewall is system that protects a private network from internet by filtering
the incoming and outgoing messages based on security mechanism as set by
administrator. The firewall can be a software application or it
can be in the form of a hardware device.
Hardware
Firewall
It is a hardware
device that is placed between internet and intranet (LAN). It is a standalone
device that is configured to protect multiple systems in an organization. An
example of a simple hardware firewall is a broadband router and there are
professional high-cost hardware firewalls also called UTM (unified threat management)
that provides a single management console to monitor various security related
applications. UTM firewall provides intrusion protection, anti-virus,
anti-malware, spam, VPN and content filtering in a single console. Only IT
professionals can configure and manage these UTM firewalls
Software
Firewall
For
a home or small networks, you can use software firewalls which can be installed
on individual systems or a server. Software firewalls are easy to install and
update as compared to their hardware counterparts. Even if there is a hardware
firewall installed in your office, you must install a software firewall since a
hardware firewall works only in your office (LAN) and if you are traveling or
working outside your office, it is the software firewall that will provide
protection to your system from external threats.
A
basic software firewall is available free with windows operating system but you
can also buy advanced software firewalls like McAfee, Norton Internet security,
Bitdefender internet security or Kaspersky internet security.
Types of
Firewall
Packet filtering firewalls
This
firewall doesn't route packets, but instead compares each packet received to a
set of established criteria -- such as the allowed IP addresses, packet type,
port number, etc. Packets that are flagged as troublesome are, generally
speaking, unceremoniously dropped -- that is, they are not forwarded and, thus,
cease to exist. This, the original type of firewall, operates inline at
junction points where devices such as routers and switches do their work.
Circuit-level gateways
Using
another relatively quick way to identify malicious content, these devices monitor
the TCP handshakes across the network as they are established between the local
and remote hosts to determine whether the session being initiated is legitimate
-- whether the remote system is considered trusted. They don't inspect the
packets themselves, however.
Stateful inspection firewalls
State-aware
devices, on the other hand, not only examine each packet, but also keep track
of whether or not that packet is part of an established TCP session. This
offers more security than either packet filtering or circuit monitoring alone,
but exacts a greater toll on network performance.
A
further variant of stateful inspection is the multilayer inspection firewall,
which considers the flow of transactions in process across multiple layers of
the ISO Open Systems Interconnection seven-layer model.
Application-level gateways
This
kind of device, technically a proxy, and sometimes referred to as a proxy
firewall, combines some of the attributes of packet filtering firewalls with
those of circuit-level gateways. They filter packets not only according to
the service for which they are intended -- as specified by the destination port
-- but also by certain other characteristics, such as the HTTP request string.
While
gateways that filter at the application layer provide considerable data
security, they can dramatically affect network performance.
