Ever thought how your computer is protected from cyber attacks? Any computer when connected to a public network is in a threat of computer network security. The public network is the network which is open to everyone and anyone over web can access data available on public network. Today, every computer user deals with sensitive information and hackers are the ones who search for vulnerable networks so they can steal someone’s personal information by connecting the network. Malicious programs which attack the target computer can take advantage of such network which is not protected by any layer of security.
Every organization whether it is a small scale organization or a medium scale organization has firewall, which is a barrier between the “untrusted” public network and the organization’s private network. The public network i.e., internet is considered as unsafe and risky for communication to private network. There is a need for a protective layer which can protect the private network to get attacked by a malicious user or unauthorized programs and firewall is used for this purpose.
Not only organization’s network but a general user’s computer also has firewall installed in it. Windows users have a default firewall installed in their computer, if you use windows you can check firewall details from settings > update and security > windows security > firewall and network protection.
You can think firewall as a software, hardware or combination of both of them that prevents unauthorized access to or from internal network.
Let’s understand firewall in more depth.
What is firewall?
Firewall is a network device which filters the in-going and outgoing network traffic based on predefined policies. When private network is connected with public network, firewall acts as a monitor whose job is to check whether the data packet which is coming or leaving the internal network should be passed or discarded. It will be clear if you refer the below diagram.
Need of firewall!
Having firewall at the network boundary is like deploying security at the single point. There are numerous reasons why firewall should be used to achieve computer network security at internal network. Some of them are mentioned below:
- Use a firewall to prevent unauthorized access to computer by a remote intruder/hacker: Your computer can be remotely accessed by a remote user who wants to take control of your system remotely. When connected to a network which is prone to computer security attacks can be really risky so you can deploy firewall which will protect your computer from authorized remote access.
- Content blocking with firewall: You can deploy firewall for blocking unauthentic or inappropriate websites so the host computer in the internal network cannot access such content. It is generally used in organizations where porn content and fraudulent websites need to be blocked by the firewall. It can also be used in parental control applications or kid friendly networking apps.
- Secure old computer with firewall: If you are the one who uses Windows XP or Windows 7 then let me tell you such systems are more vulnerable for cyber attacks. Installing a third-party firewall can secure your computer for a short term. If possible you are supposed to upgrade your operating systems and other software with time.
Also Read: Computer Networking And its Types
Types of firewalls
There are 3 popular types of firewall which are as follows:
- Packet filtering firewall: In this type of firewall deployment, the internal network is connected to external network through a router firewall. The firewall examines the data packet based on the selection criteria and then it decides whether to discard (block) or pass (permit) the data packet. The selection criteria is centered on IP addresses, protocols, port numbers of source and/or destination, and various other parameters within the IP header.
Packet filtering firewall are of two types – a. stateless firewall b. stateful firewall
- Stateless firewall: It is a type of packet filtering firewall which examines, allow or deny the packet even if it is not the part of any established ongoing communication. This kind of firewall does not keep track of packets that whether they are coming from the same communication network or not.
- Stateful firewall: In modern network, stateless firewall was replaced by stateful firewall. This type of firewall offers more advanced inspection methods than stateless firewall. It monitors the connection setup, keep tracks of connection state and determine whether the packet is coming from authorized host or not. This firewall adds more security to the network.
- Application Level Gateway: This is a kind of firewall which examines incoming and outgoing data packets (IP header + original message) and also checks the payload (original message) which was not checked by packet filtering firewall. It copies and forwards the data packet across the gateway and function as a proxy server. Thus, it prevents any direct connection between a trusted server and client. So, any malicious user will never get to know about target computer’s IP address, port number or any other information.
These proxies are application specific which means a telnet proxy can copy, forward and filter telnet traffic only. Such proxies can filter packets at the application layer of the OSI model.
- Circuit Level Gateway: It’s an intermediate solution between the packet filter and the application gateway firewall. It works at transport layer and hence can act as proxy for any application. Like application gateway, circuit level gateway does not permit TCP/IP connection between the sender and receiver directly.
But, like application gateway it does not examine the application data and sometimes also called as ‘pipe proxy’.
Firewalls are the barriers which protects the internal network from external network. It can be software, hardware or the combination of both. Its job is to monitor the incoming and/or outgoing network traffic from/to internal network. Firewall is needed in various applications such as parental control applications where blocking of porn content is performed by firewall. It acts as a protective layer for a private network and when any program or user wants to gain unauthorized access to the network. Firewall is used in combination with anti-virus because firewall do not protects from viruses, worms, key loggers and other malware.
Do you know what can’t a firewall protect against?