Firewall Overview

What is a firewall? This is a common question. In IT, a firewall is used to keep unauthorized users away from a computer or a network. A firewall can be hardware-based, that is, a physical box with software, or software-based, running on a normal computer. Here is a short firewall overview.

The success of the Internet created the need for firewalls. A computer that is connected to the Internet is very likely to be attacked. The Morris Worm, released in November 1988, was the first large-scale attack on the Internet. It was not malicious but infected thousands of computers. The main reason was that most system administrators had not expected to be attacked and had not secured their systems. The problems caused by the very simple Morris Worm changed Internet security. One of the main solutions for preventing attacks became the firewall.

Early firewalls mainly used basic packet filtering, which makes it possible to specify the allowed traffic and to reject or silently drop all other traffic. Packet filtering is easy to implement but it does not work well in a dynamic environment like the Internet. Another early feature of many firewalls was NAT, Network Address Translation, which hides the internal structure of the network behind the firewall. NAT also makes it possible to use private IP addresses (RFC 1918) on a network, so that a whole network using private IP addresses can be hidden behind one single public IP address. This both conserves IP addresses and increases the security of the private network.
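The following sketch is an added example, not part of the original article: a stateless first-match packet filter with a default of silently dropping unmatched traffic, plus a check for RFC 1918 addresses that would need NAT. All names, rules and addresses are constructed for illustration, and reading "dynamic environment" as replies arriving on unpredictable ports is an assumption.

```python
import ipaddress
from dataclasses import dataclass

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """True if addr is in one of the three RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str   # "allow", "reject" (send an error back) or "drop" (silent)
    src: str      # CIDR block the source must fall in
    dst: str      # CIDR block the destination must fall in
    proto: str    # "tcp", "udp" or "any"
    dport: int    # destination port, 0 = any port

    def matches(self, p):
        return (self.proto in ("any", p.proto)
                and self.dport in (0, p.dport)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst))

def filter_packet(rules, p, default="drop"):
    """Stateless first-match filter: traffic no rule matches gets the default."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return default

def needs_nat(p):
    """A private source talking to a public destination must be translated."""
    return is_rfc1918(p.src) and not is_rfc1918(p.dst)

# Constructed rule set and packets (addresses are examples, not from the article).
RULES = [
    Rule("allow", "192.168.1.0/24", "0.0.0.0/0", "tcp", 443),  # LAN to HTTPS
    Rule("reject", "192.168.1.0/24", "0.0.0.0/0", "tcp", 25),  # no direct mail
]
OUTBOUND = Packet("192.168.1.20", "198.51.100.7", "tcp", 443)
REPLY = Packet("198.51.100.7", "192.168.1.20", "tcp", 51514)  # ephemeral port
```

The outbound request is allowed, but the server's reply is dropped because no static rule can name the ephemeral port in advance; opening a wide port range to fix that would also admit unsolicited traffic.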

Nowadays, you have a lot of firewalls to choose from. The high-end solutions are very expensive and aimed at large organizations which need to protect themselves against a number of threats. For a home network connected to the Internet with a broadband connection, a combined wireless hub/router/firewall is a cheap way of protecting your computers at home. Strictly speaking, such devices are not real firewalls, but they can protect you against most threats. You should still run anti-virus software on your computers, even if they are protected by a firewall.

The Windows operating system has firewall software as well. The software has been included since Windows XP. The early versions were very basic and often created problems, but the Windows Firewall software has been improved and provides a reasonable level of security. It is still highly recommended that you pay for anti-virus software which also protects your computer from external threats. Such products are much better than the Windows Firewall software. Note that most of them will disable the Windows Firewall software.

When it comes to security, it is generally best to go for the popular solutions. Most of their security flaws have been detected and fixed. Firewalls that are not used much may not have as many known security flaws as the popular firewalls, but that does not mean that they are better or more secure. On the contrary, firewalls that are not widely used could have some serious security holes that have not been detected because very few people use the product. You don’t want to be the first one to detect a security flaw in your firewall.

Modern firewalls are very efficient; most IT security issues are generally created by insiders. Internal threats are nowadays much more serious than threats from the outside. Firewalls are used to protect the organization from threats from the outside world, not against attacks from the inside. Here you can learn how you can protect yourself against attacks from the inside. Today, the biggest threat from the outside for many organizations is distributed denial-of-service attacks. This is not really a security problem, but it makes it difficult for clients to reach the computers of the organization. Few firewalls are designed to handle such attacks. Fortunately, large-scale distributed denial-of-service attacks are rare and only a problem for some well-known organizations.

