What is a firewall?
A firewall is a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet (i.e., the local network to which you are connected) must pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
Note: In protecting private information, a firewall is considered a first line of defense; it cannot, however, be considered the only such line. Firewalls are generally designed to protect network traffic and connections, and therefore do not attempt to authenticate individual users when determining who can access a particular computer or network.
Several types of firewalls exist:
- Packet filtering: The system examines each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
- Circuit-level gateway implementation: This process applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
- Acting as a proxy server: A proxy server is a type of gateway that hides the true network address of the computer(s) connecting through it. A proxy server connects to the Internet, makes the requests for pages, connections to servers, etc., and receives the data on behalf of the computer(s) behind it. The firewall capabilities lie in the fact that a proxy can be configured to allow only certain types of traffic to pass (e.g., HTTP files, or web pages). A proxy server has the potential drawback of slowing network performance, since it has to actively analyze and manipulate traffic passing through it.
- Web application firewall: A web application firewall is a hardware appliance, server plugin, or some other software filter that applies a set of rules to an HTTP conversation. Such rules are generally customized to the application so that many attacks can be identified and blocked.
In practice, many firewalls use two or more of these techniques in concert.
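An added example (not from the original article) of the packet-filtering type described above: an ordered, user-defined rule list with a default reject, showing why a filter that trusts the source address is susceptible to IP spoofing and how a check on the arrival interface closes that gap. The address ranges, interface names, rules, and sample packets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:            # constructed, simplified packet header
    iface: str           # interface the packet arrived on: "wan" or "lan"
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str          # "accept" or "reject"
    src_net: str
    proto: str
    dport: int

INTERNAL_NET = ipaddress.ip_network("192.168.10.0/24")  # assumed intranet range

# Ordered, user-defined rules; the first matching rule decides.
RULES = [
    Rule("accept", "192.168.10.0/24", "tcp", 22),   # SSH only from the intranet
    Rule("accept", "0.0.0.0/0", "tcp", 443),        # HTTPS from anywhere
]

def filter_packet(pkt, rules=RULES):
    """Stateless packet filter: looks at header fields only, default reject."""
    for r in rules:
        if (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(r.src_net)
                and pkt.proto == r.proto and pkt.dport == r.dport):
            return r.action
    return "reject"

def filter_with_ingress_check(pkt, rules=RULES):
    """Same filter, but first reject outside packets claiming an inside source."""
    if pkt.iface == "wan" and ipaddress.ip_address(pkt.src) in INTERNAL_NET:
        return "reject"
    return filter_packet(pkt, rules)

# Constructed sample packets.
LEGIT_SSH = Packet("lan", "192.168.10.5", "192.168.10.1", "tcp", 22)
SPOOFED_SSH = Packet("wan", "192.168.10.5", "192.168.10.1", "tcp", 22)
OUTSIDE_WEB = Packet("wan", "203.0.113.7", "192.168.10.1", "tcp", 443)
OUTSIDE_TELNET = Packet("wan", "203.0.113.7", "192.168.10.1", "tcp", 23)

if __name__ == "__main__":
    for p in (LEGIT_SSH, SPOOFED_SSH, OUTSIDE_WEB, OUTSIDE_TELNET):
        print(p.iface, p.src, p.dport, filter_packet(p), filter_with_ingress_check(p))
```

The plain filter accepts the packet that arrives from outside with an intranet source address because it cannot tell a claimed address from a real one; the ingress check rejects it while leaving legitimate traffic unaffected.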
In Windows 7, Vista, and XP, software firewalls are built into the operating system. Earlier versions of Windows did not have firewalls built in. Macintosh computers running Mac OS X 10.2 and later are also equipped with a built-in firewall.
Third-party firewall packages also exist, such as Zone Alarm, Norton Personal Firewall, Tiny, Black Ice Protection, and McAfee Personal Firewall. Many of these offer free versions or trials of their commercial versions.
In addition, many home and small office broadband routers have rudimentary firewall capabilities built in. These tend to be simply port/protocol filters, although models with much finer control are available.
The information above is adapted from Webopedia's firewall page.
Last modified on August 21, 2012.