Introduction to firewalls


Firewall.cx
02.09.2004

Introduction

A firewall is simply a system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, in software, or in a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All data entering or leaving the intranet passes through the firewall, which examines each packet and blocks those that do not meet the specified security criteria.

Generally, firewalls are configured to protect against unauthenticated interactive logins from the outside world. This helps prevent "hackers" from logging into machines on your network. More sophisticated firewalls block traffic from the outside to the inside, but permit users on the inside to communicate a little more freely with the outside.

Firewalls are also essential because they provide a single block point where security and auditing can be imposed. Firewalls provide an important logging and auditing function; often they give the administrator summaries of the type and volume of traffic that has passed through them. This is an important point: providing this block point can serve the same purpose on your network as an armed guard does for physical premises.

Administrator's notebook
Need a quick review? Here are the main points:

  • A firewall is a hardware or software system that prevents unauthorized access to or from a network.
  • Two main types of firewalls: network layer and application layer
  • Network layer firewalls make decisions based on the source address, destination address and ports in individual IP packets.
  • Application layer firewalls generally are hosts running proxy servers, which permit no traffic directly between networks and perform elaborate logging and examination of traffic.




    Theoretically, there are two types of firewalls:

    1. Network layer
    2. Application layer

    They are not as different as you may think. Which is which depends on what mechanisms the firewall uses to pass traffic from one security zone to another. The International Standards Organization (ISO) Open Systems Interconnect (OSI) model for networking defines seven layers, where each layer provides services that higher-level layers depend on. The important thing to recognize is that the lower-level the forwarding mechanism, the less examination the firewall can perform.

    Network layer firewalls

    This type generally makes its decisions based on the source address, destination address and ports in individual IP packets. A simple router is the traditional network layer firewall, since it is not able to make particularly complicated decisions about what a packet is actually talking to or where it actually came from. Modern network layer firewalls have become increasingly sophisticated, and now maintain internal information about the state of connections passing through them at any time.

    An important difference with many network layer firewalls is that they route traffic directly through them, so to use one you need either a validly assigned IP address block or a private internet address block. Network layer firewalls tend to be very fast and almost transparent to their users.
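
An added example, not code from the original article: a minimal Python model of the network layer decision described above. It matches on source address, destination address and destination port with first-match rules and a default drop, and keeps the connection-state table that modern network layer firewalls maintain. The rule set, addresses and class name are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed policy: first match wins, anything unmatched is dropped.
# Each rule: (action, source network, destination network, dest port or None)
RULES = [
    ("allow", "192.168.1.0/24", "0.0.0.0/0", None),   # inside -> anywhere
    ("allow", "0.0.0.0/0", "192.168.1.10/32", 25),    # outside -> mail host
]

class PacketFilter:
    def __init__(self, rules, stateful=True):
        self.rules = [(a, ipaddress.ip_network(s), ipaddress.ip_network(d), p)
                      for a, s, d, p in rules]
        self.stateful = stateful
        self.connections = set()   # reply flows opened by an allowed packet
        self.audit = Counter()     # per-verdict totals for the administrator

    def _match_rules(self, src, dst, dport):
        for action, src_net, dst_net, port in self.rules:
            if (ipaddress.ip_address(src) in src_net
                    and ipaddress.ip_address(dst) in dst_net
                    and port in (None, dport)):
                return action
        return "drop"  # default deny

    def check(self, src, sport, dst, dport):
        flow = (src, sport, dst, dport)
        if self.stateful and flow in self.connections:
            verdict = "allow-established"
        else:
            verdict = self._match_rules(src, dst, dport)
            if verdict == "allow" and self.stateful:
                # Remember the reverse direction so replies are accepted.
                self.connections.add((dst, dport, src, sport))
        self.audit[verdict] += 1
        return verdict

def demo():
    fw = PacketFilter(RULES)
    verdicts = [
        fw.check("192.168.1.20", 40000, "203.0.113.5", 80),  # outbound request
        fw.check("203.0.113.5", 80, "192.168.1.20", 40000),  # its reply
        fw.check("203.0.113.5", 80, "192.168.1.20", 40001),  # unsolicited
        fw.check("198.51.100.7", 5000, "192.168.1.10", 25),  # inbound mail
    ]
    return verdicts, dict(fw.audit)
```

With `stateful=False` the same reply packet is dropped, because a filter that looks only at individual packets has no record that an inside host asked for it.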

    Application layer firewalls

    These generally are hosts running proxy servers, which permit no traffic directly between networks, and which perform elaborate logging and examination of traffic passing through them. Since proxy applications are simply software running on the firewall, it is a good place to do lots of logging and access control. Application layer firewalls can be used as network address translators, since traffic goes in one side and out the other, after having passed through an application that effectively masks the origin of the initiating connection.

    Having an application in the way may in some cases impact performance and may make the firewall less transparent. Early application layer firewalls are not particularly transparent to end users and may require some training. However, more modern application layer firewalls are often totally transparent. Application layer firewalls tend to provide more detailed audit reports and tend to enforce more conservative security models than network layer firewalls.

    The future of firewalls sits somewhere between network layer firewalls and application layer firewalls. It is likely that network layer firewalls will become increasingly aware of the information going through them, and application layer firewalls will become more and more transparent. The end result will be a kind of fast packet-screening system that logs and checks data as it passes through.


    Copyright 2004 Firewall.cx.
