A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
A firewall is a hardware or software system that prevents unauthorized access to or from a network. It can be implemented in hardware, in software, or in a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All data entering or leaving the intranet pass through the firewall, which examines each packet and blocks those that do not meet the specified security criteria.
Functions of a Firewall
Some of the basic functions of a firewall are:
- Firewalls provide security by examining incoming data packets and allowing them to enter the local network only if the conditions are met.
- Firewalls provide user authentication by verifying the username and password. This ensures that only authorized users have access to the local network.
- Firewalls can be used to hide the structure and contents of a local network from external users. Network address translation (NAT) conceals the internal network addresses and replaces all the IP addresses of the local network with one or more public IP addresses.
How a Firewall Works
A firewall is a security mechanism that protects a local network from the threats it may face while interacting with other networks (the Internet). It can be a hardware component, a software component, or both.
The local network uses a single network to interact with the server. Local network clients use IP addresses that are not attached to any computer. When a client sends a packet to the Internet, the masquerading server replaces the IP address of the packet with its own IP address. When a packet is received by the local network, the server replaces the IP address of the packet with the masqueraded address and sends the packet to the respective clients.
A firewall works by means of a filtering mechanism. The filtering mechanism keeps track of the source address, the destination address, and the contents of the data. It allows information to pass from the local network to the Internet without any authentication, and it makes sure that information is downloaded from the Internet to the local network only on a request by an authorized user.
Types of Firewalls
There are three basic types of firewalls:
1. Packet filters
Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established rule set. A packet filter only examines traffic based on the packet header. The header includes such fields as the source and destination IP addresses, the source and destination ports, and the network protocol used. Packet filtering is usually employed on perimeter routers in the form of access control lists (ACLs) and is very fast and effective. It can be tedious to configure since rules must be defined for each protocol, range of addresses, and direction of flow. For example, consider the case where host A wants to talk to host B on TCP port 23. Both the desired rule and its reciprocal rule must be entered into the ACL.
2. Stateful Packet filtering
Like packet filtering, a stateful packet filter works at the network and transport layers (on the OSI model) by examining the packet header. Unlike packet filtering, if the flow is allowed, a stateful packet filter keeps track of information about the connection’s state and enters it into a state table. Entries include source and destination IP addresses, the firewall’s network interfaces, source and destination ports, protocol, ACK and SEQ numbers, etc.
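The host A to host B example and the state table described above, modelled side by side as an added example that is not part of the original page. The addresses, ports and all names are constructed for illustration, and the state table is simplified to the address, port and protocol fields (no ACK or SEQ tracking).

```python
from collections import namedtuple
# Header fields a packet filter inspects. All addresses and ports are constructed.
Packet = namedtuple("Packet", "src dst proto sport dport")
A, B = "10.0.0.5", "192.0.2.10"   # host A (client), host B (server on TCP 23)

def match(rule, pkt):
    """A rule field of None is a wildcard; any other value must equal the packet's."""
    return all(r is None or r == p for r, p in zip(rule, pkt))

def stateless_filter(acl, pkt):
    """Plain ACL: permit if any rule matches the header, otherwise deny."""
    return any(match(rule, pkt) for rule in acl)

class StatefulFilter:
    """Consults the ACL for new flows only; replies are matched to the state table."""
    def __init__(self, acl):
        self.acl = acl
        self.state = set()   # simplified entries: (src, dst, proto, sport, dport)

    def check(self, pkt):
        reverse = (pkt.dst, pkt.src, pkt.proto, pkt.dport, pkt.sport)
        if tuple(pkt) in self.state or reverse in self.state:
            return True                   # part of a tracked connection
        if stateless_filter(self.acl, pkt):
            self.state.add(tuple(pkt))    # record the newly permitted flow
            return True
        return False

FORWARD = Packet(A, B, "tcp", None, 23)      # A -> B, TCP port 23
RECIPROCAL = Packet(B, A, "tcp", 23, None)   # replies from B's port 23 to A
request = Packet(A, B, "tcp", 40000, 23)
reply = Packet(B, A, "tcp", 23, 40000)
stray = Packet(B, A, "tcp", 23, 40001)       # matches no connection A opened

def run():
    fw = StatefulFilter([FORWARD])           # no reciprocal rule configured
    return {
        "acl_forward_only_reply": stateless_filter([FORWARD], reply),
        "acl_both_rules_reply": stateless_filter([FORWARD, RECIPROCAL], reply),
        "acl_both_rules_stray": stateless_filter([FORWARD, RECIPROCAL], stray),
        "stateful_reply_before_request": fw.check(reply),
        "stateful_request": fw.check(request),
        "stateful_reply": fw.check(reply),
        "stateful_stray": fw.check(stray),
    }

if __name__ == "__main__":
    for name, allowed in run().items():
        print(f"{name}: {'permit' if allowed else 'deny'}")
```

In this model the plain ACL needs the reciprocal rule before the reply gets through, and that rule then also admits the stray packet, while the stateful filter admits the reply only after it has seen the matching request.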
3. Proxy firewalls
A proxy firewall is a network security system that protects network resources by filtering messages at the application layer. A proxy firewall may also be called an application firewall or gateway firewall. A proxy server (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets. A proxy server is a gateway from one network to another for a specific network application, in the sense that it functions as a proxy on behalf of the network user.