Top Facts you should know about Network Firewall [Updated 2024]
A Network Firewall is the first line of defense to secure a network. Generally, a Firewall is installed between a network router and the internal network. You can compare the firewall with the physical doors of the home. The physical door protects individuals from theft, and any unauthentic entry; similarly, the firewall protects the internal network from malicious traffic.
Types of Firewall
- Dedicated hardware appliances are generally used in data centers.
- Software on a machine as used by home users. e.g., Windows Firewall
- Managed firewall services have many options, including a premises-, network-, or cloud-based service. In this case, the firewall manufacturer or service provider takes care of the network and is responsible for firewall administration, log monitoring, etc.
Firewall based on Filtering Type
- Packet Filtering: As the name suggests, the user can either allow or drop packets based on source and destination IP, IP protocol ID, etc., from entering the internal network. This type of filtering works at the network transport layer.
- Proxy: It offers more security than other types of filtering. In proxy filtering, the client connects with a proxy instead of a target system and initiates a new connection. This makes it harder for an attacker to discover the network, as they are not getting the response from the target system.
- Stateful Inspection: In this type of inspection, systems maintain a state table (maintains active connections), analyze incoming and outgoing packets, and drop accordingly.
Click Here to learn the 10 Best Free Firewalls for Windows
How does a firewall work?
A firewall works solely on defined network rules set by the network administrator. Network rules are different for inbound and outbound traffic. Inbound refers to Internet traffic, while outbound refers to traffic from inside. Inbound traffic rules include block requests based on service port number, source IP address, whether logs should be captured or not, etc. Outbound traffic rules include destination IP, local source IP, time, server port number, etc.
Stage | Description |
Traffic Analysis | The firewall inspects incoming and outgoing traffic, examining data packets based on predefined rules and policies. |
Rule Evaluation | It evaluates packets against established rules, including criteria such as IP addresses, ports, protocols, and specific behaviors. |
Allow or Block | Based on the rules, the firewall decides whether to allow or block packets. Allowed packets pass through, while blocked packets are discarded or rejected. |
Stateful Inspection | For stateful firewalls, active connections are tracked to ensure that incoming packets are part of an established, legitimate connection. |
Proxy Function (if applicable) | If a proxy firewall is used, incoming and outgoing traffic is intercepted by the proxy, which acts as an intermediary between the internal network and external sources. |
Logging and Reporting | Firewalls often log information about allowed and blocked traffic, providing reports for analysis and auditing purposes, aiding in monitoring network activity. |
Updates and Maintenance | Regular updates, including firmware updates, rule modifications, and security patches, are essential to keep the firewall robust and effective against emerging threats. |
Conclusion
A firewall is one of the important devices that contribute a lot to network security. In this article, I have covered the basics of the firewall. Click Here If you are interested in knowing the Network Firewall Interview Questions.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.