Firewall

A firewall is a security mechanism that protects a local network from the threats it may face while interacting with other networks, such as the Internet. A firewall can be a hardware component, a software component, or a combination of both. It prevents computers in one network domain from communicating directly with other network domains. All communication takes place through the firewall, which examines all incoming data before allowing it to enter the local network.

Functions of Firewall—The main purpose of a firewall is to protect the computers of an organization (the local network) from unauthorized access. Some of the basic functions of a firewall are:

·         Firewalls provide security by examining the incoming data packets and allowing them to enter the local network only if the conditions are met.

·         Firewalls provide user authentication by verifying the username and password. This ensures that only authorized users have access to the local network.

·         Firewalls can be used for hiding the structure and contents of a local network from external users. Network Address Translation (NAT) conceals the internal network addresses and replaces all the IP addresses of the local network with one or more public IP addresses.

The local network uses a single network interface to interact with the server. Local network clients use IP addresses that are not attached to any computer. When a client sends a packet to the Internet, the masquerading server replaces the IP address of the packet with its own IP address. When a packet is received by the local network, the server replaces the IP address of the packet with the masqueraded address and sends the packet to the respective client.

Figure: Firewall

Working of Firewall—The working of a firewall is based on a filtering mechanism. The filtering mechanism keeps track of the source address, the destination address and the contents of the data. It allows information to pass from a local network to the Internet without any authentication. It makes sure that information is downloaded from the Internet to a local network only on a request by an authorized user.

Firewall Related Terminology:

·         Gateway—The computer that helps to establish a connection between two networks is called a gateway. A firewall gateway is used for exchanging information between a local network and the Internet.

·         Proxy Server—A proxy server masks the local network’s IP address with the proxy server's IP address, thus concealing the identity of the local network from the external network. Web proxies and application-level gateways are some examples of proxy servers. A firewall can be deployed with the proxy to protect the local network from the external network.

·         Screening Routers—They are special types of routers with filters, which are used along with the various firewalls. Screening routers check the incoming and outgoing traffic based on the IP addresses and ports.

Types of Firewall

All the data that enter a local network must come through a firewall. The type of firewall used varies from network to network. The following are the various types of firewalls generally used:

·         Packet Filter Firewall

·         Circuit Filter Firewall

·         Proxy server or Application-level Gateway

Packet Filter Firewall

A packet filter firewall is usually deployed on routers (Figure 14.12). It is the simplest kind of mechanism used in firewall protection.

Figure 14.12: Packet filtering

·         It is implemented at the network level to check incoming and outgoing packets.

·         The IP packet header is checked for the source and the destination IP addresses and the port combinations.

·         After checking, the filtering rules are applied to the data packets for filtering. The filtering rules are set by an organization based on its security policies.

·         If the packet is found valid, then it is allowed to enter or exit the local network.

·         Packet filtering is fast, easy to use, simple and cost effective.

·         A majority of routers in the market provide packet filtering capability. It is used in small and medium businesses.

·         A packet filter firewall does not provide a complete solution.
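
The header check and rule lookup described in the list above, as an added Python example (not from the original text). The names Packet, Rule and filter_packet are hypothetical, the addresses and policy are constructed, and first-match ordering with a default of "deny" are assumptions the text does not state.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:                 # only the header fields the filter inspects
    direction: str            # "in" (entering the LAN) or "out" (leaving it)
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    direction: str
    src: str                  # CIDR block
    dst: str                  # CIDR block
    dports: range

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and p.dport in self.dports)

ANY, LAN = "0.0.0.0/0", "192.168.10.0/24"     # constructed addressing plan
WEB = "192.168.10.5/32"                        # constructed public web server

# Constructed policy; order matters because the first matching rule decides.
RULES = [
    Rule("deny",  "in",  LAN, ANY, range(0, 65536)),   # LAN source arriving from outside
    Rule("allow", "in",  ANY, WEB, range(443, 444)),   # HTTPS to the web server
    Rule("allow", "out", LAN, ANY, range(80, 81)),     # clients browsing: HTTP
    Rule("allow", "out", LAN, ANY, range(443, 444)),   # clients browsing: HTTPS
]

def filter_packet(p: Packet, rules=RULES) -> str:
    """Return "allow" or "deny" for one packet header."""
    try:
        for rule in rules:
            if rule.matches(p):
                return rule.action
    except ValueError:         # unparsable address in the header: drop it
        return "deny"
    return "deny"              # assumption: anything not explicitly allowed is dropped

if __name__ == "__main__":
    for pkt in (Packet("out", "192.168.10.20", "198.51.100.7", 443),
                Packet("in", "203.0.113.9", "192.168.10.20", 22),
                Packet("in", "192.168.10.77", "192.168.10.5", 443)):
        print(pkt, "->", filter_packet(pkt))
```

The decision uses header fields only, so the packet allowed to port 443 passes whatever its payload contains.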