Network Firewalls Explained

You know that having a strong firewall is a key component to having strong network security, but do you how firewalls work? Firewalls take their name from the protective barriers that keep buildings and engines safe from fire. While it’s unlikely that your computer is in danger of incineration, a firewall does protect it from cyber-threats; here’s how!

One of the big differences between a network firewall and a building firewall is that one is a physical wall and the other is a virtual wall. A network firewall is not a physical component that you can buy and install on your PC. If you walked into a computer store and said, “I will take one firewall please,” you would get a strange look. While there are some firewall solutions that require special network devices to be added to your network, most firewalls are basically some sort of filtering program. Larger networks will require hardware to assist with the support of the firewall, but this hardware is as much “the firewall” as a router is “the Internet.”

A firewall in its most basic form is a system that enforces access to a network with integrated control policies. Firewalls are responsible for filtering network traffic. The firewall filter is called a transit point; this is the point at which all network traffic flows through. Every operating system includes a firewall that can be used to protect the PC, although businesses will want to upgrade to stronger firewall solutions that include firewall devices like enabled routers and switches to offload the activity that is demanding on a computer’s memory and processor like offloading and filtering data packets.

Firewall settings can be adjusted to meet a user’s security preferences, and firewall settings can be modified to allow for different settings with different users on a network. The more traffic there is from either the Internet or a local intranet, the stronger you will want your firewall security settings to be. In regards to direct attacks to your computer system from outside Internet threats like malware, your firewall is your best defense.

There are several different types of firewalls. Here is a brief description of a few of the most widely used firewalls.

Stateless Firewall

A stateless firewall is one of the earliest firewalls. It is designed to filter and inspect packets based on a predetermined set of acceptance protocols. If a packet does not meet certain parameters in the packet header, then it is dropped.

Statefull Firewall

This type of firewall filters data packets stored in the firewall based on the flow of information. By storing packets, a firewall is then able to determine if a packet belongs to an existing flow of data.

Packet-filtering Firewall

This firewall is typically part of a router and filters a few layers of content. When a firewall analyzes data, it does so by looking at a few of the layers (like 2-4 out of 7). The packet filtering firewall will allow or deny traffic based on the destination IP address, protocol, source, and destination port numbers, and packet type.

Other types of firewalls include: proxy firewall, address-translation firewall, host-based firewall, transparent firewall, and hybrid firewall. For the best network security, you will want to use a firewall and adjust your settings to meet the needs of your unique network.

One firewall tool that Directive offers is our Unified Threat Management (UTM) solution. A UTM is a strong firewall device that plugs into your network and filters all network traffic to meet the needs of all of your different computers and users. To learn more about firewall solutions, or to have Directive examine your firewall to look for vulnerabilities, give us a call at 607.433.2200.