A firewall is a software/hardware combination that connects an organization’s internal networks to the Internet. As such, its primary concern is security: it uses rules to determine what information can be passed in either direction, based on the source address, the destination address and the type of information being transferred (in practice the protocol and port number). In plain English, it is something that monitors all communication between the company network and the Internet and makes sure that this communication is legitimate. Broadly speaking there are two main types of firewall: network level and application level.
Network Level Firewalls
These accept or reject packets based on the header fields of each packet, chiefly its source address. To explain: every message is split into smaller packets of data before being sent out over the Internet. Each packet carries its destination address so that every router it passes through knows where to send it next; it also carries the source address, and that is what the network level firewall checks. If the packet comes from a known, pre-defined address (and, in most filters, is bound for an allowed destination, protocol and port) it is let through into the company network; if not, it is rejected.
Network level firewalls are what is known as transparent to the user, which means that no one needs to know they are there: they operate without the users being aware of their existence. While this makes them popular, they are by no means the best solution for high security organizations, because they can be defeated. It is possible to forge the source address on data packets and so fool the firewall into thinking they come from an approved source. A filter that simply trusts any packet carrying an internal source address is therefore open to spoofing; the standard countermeasure is an anti-spoofing rule that drops any packet arriving on the external interface whose source address belongs to the internal network, since such a packet can only be forged.
Application Level Firewalls
These perform a much more sophisticated analysis of the data passing through them: rather than looking only at packet headers, they understand the application protocol (for example HTTP or SMTP) and examine the content of each request against criteria set by the individual company. Although more secure, this inspection takes time, which means the system will run that much slower.
Additionally, it may require extra training on the part of the user, since application level firewalls are often proxies that client software must be configured to use.
As a further refinement, both types of firewall can be used in combination. Low grade information can be protected by a network level firewall, taking advantage of its speed, while high grade information is placed behind an application level firewall, taking advantage of its greater security. In this way a great deal of safety can be built into the system, and yet security will still not be absolute. Firewalls are no guarantee against a virus being downloaded (a network level firewall sees only addresses, and an application level one only catches what its rules describe), nor are they proof against sabotage or carelessness from personnel within the company.
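The following is an added example, not code from the original page, that puts the network level section, the spoofing caveat, the application level section and this combination paragraph into one runnable toy. It assumes a company address space of 10.0.0.0/8, an approved partner range of 203.0.113.0/24, an internal web server at 10.0.0.80 published as www.example.com, an Internet-facing interface named "ext", and the simplification that one packet carries a whole HTTP request (a real stateless filter sees only headers). All addresses, rules and requests are constructed for illustration.

```python
"""Toy two-layer firewall (added example): a stateless packet filter in front of
an HTTP-aware inspector. All addresses, rules and requests are constructed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network, IPv4Network
from typing import Optional

INTERNAL_NET = ip_network("10.0.0.0/8")       # assumed company address space
PARTNER_NET = ip_network("203.0.113.0/24")    # assumed approved partner range
WEB_SERVER = ip_network("10.0.0.80/32")       # assumed internal web server
EXTERNAL_IFACE = "ext"                        # assumed interface facing the Internet

@dataclass(frozen=True)
class Packet:
    src: str            # source address as the packet claims it (forgeable)
    dst: str
    proto: str          # "tcp" or "udp"
    dport: int
    iface: str          # interface the packet arrived on: "ext" or "int"
    payload: bytes = b""

@dataclass(frozen=True)
class Rule:
    action: str                          # "accept" or "drop"
    src: Optional[IPv4Network] = None    # None matches anything
    dst: Optional[IPv4Network] = None
    proto: Optional[str] = None
    dport: Optional[int] = None
    iface: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        return ((self.src is None or ip_address(p.src) in self.src)
                and (self.dst is None or ip_address(p.dst) in self.dst)
                and (self.proto is None or p.proto == self.proto)
                and (self.dport is None or p.dport == self.dport)
                and (self.iface is None or p.iface == self.iface))

def packet_filter(rules: list, p: Packet) -> str:
    """Network level: first matching rule wins; no match means drop."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "drop"

# Naive ruleset: trusts anything that merely claims an internal source address,
# so a forged source address on the Internet side walks straight through.
NAIVE_RULES = [
    Rule("accept", src=INTERNAL_NET),
    Rule("accept", src=PARTNER_NET, dst=WEB_SERVER, proto="tcp", dport=80),
]
# Hardened ruleset: an internal source address arriving on the external
# interface can only be forged, so drop it before any accept rule is consulted.
HARDENED_RULES = [Rule("drop", src=INTERNAL_NET, iface=EXTERNAL_IFACE)] + NAIVE_RULES

ALLOWED_METHODS = {"GET", "HEAD", "POST"}
ALLOWED_HOSTS = {"www.example.com"}           # assumed published web host

def inspect_http(payload: bytes) -> tuple:
    """Application level: parse an HTTP/1.x request and apply the company's
    content rules (method and Host allowlists, no path traversal)."""
    try:
        lines = payload.partition(b"\r\n\r\n")[0].decode("ascii").split("\r\n")
        method, path, version = lines[0].split(" ")
    except ValueError:          # UnicodeDecodeError is a ValueError too
        return False, "malformed request line"
    if method not in ALLOWED_METHODS:
        return False, f"method {method} not allowed"
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            return False, "malformed header"
        headers[name.strip().lower()] = value.strip()
    if headers.get("host") not in ALLOWED_HOSTS:
        return False, "host not allowed"
    if ".." in path.split("/"):
        return False, "path traversal"
    return True, "ok"

def firewall(rules: list, p: Packet) -> tuple:
    """Both layers in series: the cheap header check runs on every packet, the
    slower content check only on traffic already admitted to the web port."""
    if packet_filter(rules, p) == "drop":
        return "drop", "network level"
    if p.proto == "tcp" and p.dport == 80:
        ok, reason = inspect_http(p.payload)
        if not ok:
            return "drop", "application level: " + reason
    return "accept", "ok"

if __name__ == "__main__":
    good = Packet("203.0.113.5", "10.0.0.80", "tcp", 80, "ext",
                  b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n")
    spoofed = Packet("10.0.0.5", "10.0.0.80", "tcp", 22, "ext")   # forged internal source
    evil = Packet("203.0.113.5", "10.0.0.80", "tcp", 80, "ext",
                  b"GET /../../etc/passwd HTTP/1.1\r\nHost: www.example.com\r\n\r\n")
    for name, pkt in (("good", good), ("spoofed", spoofed), ("traversal", evil)):
        print(f"{name:9} naive={firewall(NAIVE_RULES, pkt)} hardened={firewall(HARDENED_RULES, pkt)}")
```

Run as a script, the spoofed packet is accepted by the naive ruleset and dropped by the hardened one, while the partner's traversal request passes the header check in both rulesets and is only stopped by the application level inspector; this is the point of running the two in series, with the cheap check first.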
Something else a firewall cannot do is set the security policy for the company. It is without doubt the physical representation of that policy, and it works according to the guidelines laid down in it, but it cannot create the policy itself. Only people can do that.