SlideShare una empresa de Scribd logo

Firewall

Descargar como PPTX, PDF
A
ArchanaMani2

it includes about firewall and its types

Educación
1 de 21
FIREWALL S By M.Archana I-msc(cs)
This includes: Introduction How is Firewall different from an Antivirus? History and Development of Firewall Types of Firewall Functions of firewall
Introduction: • A Firewall manages the secure in-flow and out-flow of data in a device. It monitors the network traffic and acts as a barrier between the trusted and untrusted network. • The concept of Firewall is important for people interested in understanding the network security aspect of a computer device and also for those looking forward to strengthening their Computer Awareness. • This is even an important topic from the perspective of competitive exams which comprise Computer Knowledge as a compulsory subject. Candidates will find all the necessary information well-explained here, along with well- explained notes.
How is Firewall different from an Antivirus? A firewall is a security network designed to protect computer systems and networks from malicious attacks.  Whereas, Antivirus is a software utility program designed to protect a system from internal attacks from viruses.  Get a tabulated and detailed comparison between the two at the Difference Between Firewall and Antivirus page. With regard to a Firewall, another term that is frequently being used is a Computer Network. To get a detailed explanation and understanding of networking, candidates can visit the linked article.
History and Development of Firewall The term ‘Firewall’ actually meant a wall which intended to confine a fire within a line of adjacent buildings.  It was only in the late 1980s when this was acknowledged as a computer terminology. It was during this time that the Internet has started to emerge as a new tool for global use. Thus, having a means which could secure the transmission and flow of data was required by many. Until the Firewall was introduced, routers performed the same function as it restricted the number of people who could use a particular network.
Types of Firewall Packet-Filtering Firewalls Circuit-Level Gateways Stateful Inspection Firewalls Proxy Firewalls Next-Generation Firewalls Cloud Firewalls Software Firewalls Hardware Firewalls
Packet-Filtering Firewalls When it comes to types of firewalls based on their method of operation, the most basic type is the packet-filtering firewall. It serves as an inline security checkpoint attached to a router or switch. As the name suggests, it monitors network traffic by filtering incoming packets according to the information they carry. As explained above, each data packet consists of a header and the data it transmits. This type of firewall decides whether a packet is allowed or denied access based on the header information. To do so, it inspects the protocol, source IP address, destination IP, source port, and destination port. Depending on how the numbers match the access control list (rules defining wanted/unwanted traffic), the packets are passed on or dropped.
Advantages Fast and efficient for filtering headers. – Don’t use up a lot of resources. – Low cost. Disadvantages No payload check. Vulnerable to IP spoofing. Cannot filter application layer protocols. No user authentication.
Circuit-Level Gateways Circuit-level gateways are a type of firewall that work at the session layer of the OSI model, observing TCP (Transmission Control Protocol) connections and sessions. Their primary function is to ensure the established connections are safe. In most cases, circuit-level firewalls are built into some type of software or an already existing firewall. Like pocket-filtering firewalls, they don’t inspect the actual data but rather the information about the transaction.  Additionally, circuit-level gateways are practical, simple to set up, and don’t require a separate proxy server.
Advantages Resource and cost-efficient. – Provide data hiding and protect against address exposure. – Check TCP handshakes. Disadvantages No content filtering. – No application layer security. – Require software modifications.
Stateful Inspection Firewalls A stateful inspection firewall keeps track of the state of a connection by monitoring the TCP 3- way handshake.  This allows it to keep track of the entire connection – from start to end – permitting only expected return traffic inbound. When starting a connection and requesting data, the stateful inspection builds a database (state table) and stores the connection information.  In the state table, it notes the source IP, source port, destination IP, and destination port for each connection
Cont., Using the stateful inspection method, it dynamically creates firewall rules to allow anticipated traffic. This type of firewall is used as additional security.  It enforces more checks and is safer compared to stateless filters.  However, unlike stateless/packet filtering, stateful firewalls inspect the actual data transmitted across multiple packets instead of just the headers. Because of this, they also require more system resources. Keep track of the entire session. Inspect headers and packet payloads.
Proxy Firewalls A proxy firewall serves as an intermediate device between internal and external systems communicating over the Internet. It protects a network by forwarding requests from the original client and masking it as its own. Proxy means to serve as a substitute and, accordingly, that is the role it plays. It substitutes for the client that is sending the request. When a client sends a request to access a web page, the message is intersected by the proxy server. The proxy forwards the message to the web server, pretending to be the client. Doing so hides the client’s identification and geolocation, protecting it from any restrictions and potential attacks. The web server then responds and gives the proxy the requested information, which is passed on to the client.
Next-Generation Firewalls The next-generation firewall is a security device that combines a number of functions of other firewalls. It incorporates packet, stateful, and deep packet inspection. Simply put, NGFW checks the actual payload of the packet instead of focusing solely on header information. Unlike traditional firewalls, the next-gen firewall inspects the entire transaction of data, including the TCP handshakes, surface-level, and deep packet inspection. Using NGFW is adequate protection from malware attacks, external threats, and intrusion. These devices are quite flexible, and there is no clear-cut definition of the functionalities they offer. Therefore, make sure to explore what each specific option provides.
Cloud Firewalls A cloud firewall or firewall-as-a-service (Faas) is a cloud solution for network protection. Like other cloud solutions, it is maintained and run on the Internet by third-party vendors. Clients often utilize cloud firewalls as proxy servers, but the configuration can vary according to the demand. Their main advantage is scalability. They are independent of physical resources, which allows scaling the firewall capacity according to the traffic load. Businesses use this solution to protect an internal network or other cloud infrastructures (Iaas/Paas).
Software Firewalls A software firewall is installed on the host device. Accordingly, this type of firewall is also known as a Host Firewall. Since it is attached to a specific device, it has to utilize its resources to work. Therefore, it is inevitable for it to use up some of the system’s RAM and CPU. If there are multiple devices, you need to install the software on each device. Since it needs to be compatible with the host, it requires individual configuration for each.  Hence, the main disadvantage is the time and knowledge needed to administrate and manage firewalls for each device. On the other hand, the advantage of software firewalls is that they can distinguish between programs while filtering incoming and outgoing traffic. Hence, they can deny access to one program while allowing access to another.
Hardware Firewalls As the name suggests, hardware firewalls are security devices that represent a separate piece of hardware placed between an internal and external network (the Internet). This type is also known as an Appliance Firewall. Unlike a software firewall, a hardware firewall has its resources and doesn’t consume any CPU or RAM from the host devices. It is a physical appliance that serves as a gateway for traffic passing to and from an internal network. They are used by medium and large organizations that have multiple computers working inside the same network. Utilizing hardware firewalls in such cases is more practical than installing individual software on each device. Configuring and managing a hardware firewall requires knowledge and skill, so make sure there is a skilled team to take on this responsibility.
Functions of Firewall Any data which enters or exits a computer network has to pass through the Firewall All the valuable information stays intact if the data packets are securely passed through the Firewall Every time a data packets passed through a Firewall, it records it which allows the user to record the network activity No data can be modified as it is held securely within the data packets Precisely, a Firewall ensures that all the data is secure and any malicious data trying to enter the internal network is not allowed to pass through.
Firewall
Firewall

Recomendados

Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Firewall and its configuration
Firewall and its configurationFirewall and its configuration
Firewall and its configuration
Muhammad Baqar Kazmi
 
Firewalls in network
Firewalls in networkFirewalls in network
Firewalls in network
sheikhparvez4
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
Mohammed Maajidh
 
E firewalls
E firewallsE firewalls
E firewalls
Abhiroop Ghatak
 
What is firewall
What is firewallWhat is firewall
What is firewall
Harshana Jayarathna
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
LakshmiSamivel
 
Firewalls
FirewallsFirewalls
Firewalls
Shashwat Shriparv
 

Recomendados

Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Firewall and its configuration
Firewall and its configurationFirewall and its configuration
Firewall and its configuration
Muhammad Baqar Kazmi
 
Firewalls in network
Firewalls in networkFirewalls in network
Firewalls in network
sheikhparvez4
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
Mohammed Maajidh
 
E firewalls
E firewallsE firewalls
E firewalls
Abhiroop Ghatak
 
What is firewall
What is firewallWhat is firewall
What is firewall
Harshana Jayarathna
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
LakshmiSamivel
 
Firewalls
FirewallsFirewalls
Firewalls
Shashwat Shriparv
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
Revanth71
 
Note8
Note8Note8
Note8
Sazzadul Haque
 
Firewalls
FirewallsFirewalls
Firewalls
Dr.Florence Dayana
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet Bawa
Puneet Bawa
 
FIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALAFIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALA
Saikiran Panjala
 
Computer network 6
Computer network 6Computer network 6
Computer network 6
MDHASNAIN23
 
Defcon 23 - Chris Sistrunk - nsm 101 for ics
Defcon 23 - Chris Sistrunk - nsm 101 for ics Defcon 23 - Chris Sistrunk - nsm 101 for ics
Defcon 23 - Chris Sistrunk - nsm 101 for ics
Felipe Prado
 
Firewall
FirewallFirewall
Firewall
Ahmed Elnaggar
 
Firewall management introduction
Firewall management introductionFirewall management introduction
Firewall management introduction
Raghava Sharma
 
Group G
Group GGroup G
Group G
s1160113
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
skpatel91
 
Network forensics
Network forensicsNetwork forensics
Network forensics
ArthyR3
 
Ii2514901494
Ii2514901494Ii2514901494
Ii2514901494
IJERA Editor
 
Firewalls
FirewallsFirewalls
Firewalls
Sonali Parab
 
Cr32585591
Cr32585591Cr32585591
Cr32585591
IJERA Editor
 
Describe firewalls
Describe firewallsDescribe firewalls
Describe firewalls
Влад Панасенко
 
Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility Solutions
Tom Kopko
 
Intrusion preventionintrusion detection
Intrusion preventionintrusion detectionIntrusion preventionintrusion detection
Intrusion preventionintrusion detection
IJCNCJournal
 
Comparative Analysis: Network Forensic Systems
Comparative Analysis: Network Forensic SystemsComparative Analysis: Network Forensic Systems
Comparative Analysis: Network Forensic Systems
ijsrd.com
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber security
KAMALI PRIYA P
 
Firewall
FirewallFirewall
Firewall
syeda zoya mehdi
 
What is a Firewall_ The Different Firewall Types.pptx
What is a Firewall_ The Different Firewall Types.pptxWhat is a Firewall_ The Different Firewall Types.pptx
What is a Firewall_ The Different Firewall Types.pptx
AneenaBinoy2
 

Más contenido relacionado

La actualidad más candente

Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility Solutions
Tom Kopko
 

La actualidad más candente (20)

Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Note8
Note8Note8
Note8
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet Bawa
 
FIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALAFIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALA
 
Computer network 6
Computer network 6Computer network 6
Computer network 6
 
Defcon 23 - Chris Sistrunk - nsm 101 for ics
Defcon 23 - Chris Sistrunk - nsm 101 for ics Defcon 23 - Chris Sistrunk - nsm 101 for ics
Defcon 23 - Chris Sistrunk - nsm 101 for ics
 
Firewall
FirewallFirewall
Firewall
 
Firewall management introduction
Firewall management introductionFirewall management introduction
Firewall management introduction
 
Group G
Group GGroup G
Group G
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
 
Network forensics
Network forensicsNetwork forensics
Network forensics
 
Ii2514901494
Ii2514901494Ii2514901494
Ii2514901494
 
Firewalls
FirewallsFirewalls
Firewalls
 
Cr32585591
Cr32585591Cr32585591
Cr32585591
 
Describe firewalls
Describe firewallsDescribe firewalls
Describe firewalls
 
Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility Solutions
 
Intrusion preventionintrusion detection
Intrusion preventionintrusion detectionIntrusion preventionintrusion detection
Intrusion preventionintrusion detection
 
Comparative Analysis: Network Forensic Systems
Comparative Analysis: Network Forensic SystemsComparative Analysis: Network Forensic Systems
Comparative Analysis: Network Forensic Systems
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber security
 

Similar a Firewall

what is firewall in information security?
what is firewall in information security?what is firewall in information security?
what is firewall in information security?
haq107457
 
what is firewall in information security?
what is firewall in information security?what is firewall in information security?
what is firewall in information security?
ezoicxcom
 

Similar a Firewall (20)

Firewall
FirewallFirewall
Firewall
 
What is a Firewall_ The Different Firewall Types.pptx
What is a Firewall_ The Different Firewall Types.pptxWhat is a Firewall_ The Different Firewall Types.pptx
What is a Firewall_ The Different Firewall Types.pptx
 
Firewall
FirewallFirewall
Firewall
 
Firewall ,Its types and Working.pptx
Firewall ,Its types and Working.pptxFirewall ,Its types and Working.pptx
Firewall ,Its types and Working.pptx
 
Firewall security in computer security
Firewall security in computer security Firewall security in computer security
Firewall security in computer security
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 
What are the Different Types of Firewall and its Architectures.pdf
What are the Different Types of Firewall and its Architectures.pdfWhat are the Different Types of Firewall and its Architectures.pdf
What are the Different Types of Firewall and its Architectures.pdf
 
Firewall security in computer network
Firewall security in computer networkFirewall security in computer network
Firewall security in computer network
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdf
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Firewall
FirewallFirewall
Firewall
 
Firewall
Firewall Firewall
Firewall
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
Cr32585591
Cr32585591Cr32585591
Cr32585591
 
Firewall
FirewallFirewall
Firewall
 
what is firewall in information security?
what is firewall in information security?what is firewall in information security?
what is firewall in information security?
 
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPUREFIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
 
what is firewall in information security?
what is firewall in information security?what is firewall in information security?
what is firewall in information security?
 
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptxCSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
CSS (KNC-301) 4. Packet Filtering Firewall By Vivek Tripathi.pptx
 

Más de ArchanaMani2

Más de ArchanaMani2 (10)

Software evolution and Verification,validation
Software evolution and Verification,validationSoftware evolution and Verification,validation
Software evolution and Verification,validation
 
Code scheduling constraints
Code scheduling constraintsCode scheduling constraints
Code scheduling constraints
 
Ajax enabled rich internet applications with xml and json
Ajax enabled rich internet applications with xml and jsonAjax enabled rich internet applications with xml and json
Ajax enabled rich internet applications with xml and json
 
Excellence in visulization
Excellence in visulizationExcellence in visulization
Excellence in visulization
 
The linux system
The linux systemThe linux system
The linux system
 
Big data
Big dataBig data
Big data
 
Transaction management
Transaction managementTransaction management
Transaction management
 
Topological Sort and BFS
Topological Sort and BFSTopological Sort and BFS
Topological Sort and BFS
 
Genetic algorithm
Genetic algorithmGenetic algorithm
Genetic algorithm
 
Inheritance and overriding
Inheritance and overridingInheritance and overriding
Inheritance and overriding
 

Último

Último (20)

FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 

Firewall

  • 2. This includes: Introduction How is Firewall different from an Antivirus? History and Development of Firewall Types of Firewall Functions of firewall
  • 3. Introduction: • A Firewall manages the secure in-flow and out-flow of data in a device. It monitors the network traffic and acts as a barrier between the trusted and untrusted network. • The concept of Firewall is important for people interested in understanding the network security aspect of a computer device and also for those looking forward to strengthening their Computer Awareness. • This is even an important topic from the perspective of competitive exams which comprise Computer Knowledge as a compulsory subject. Candidates will find all the necessary information well-explained here, along with well- explained notes.
  • 4. How is Firewall different from an Antivirus? A firewall is a security network designed to protect computer systems and networks from malicious attacks.  Whereas, Antivirus is a software utility program designed to protect a system from internal attacks from viruses.  Get a tabulated and detailed comparison between the two at the Difference Between Firewall and Antivirus page. With regard to a Firewall, another term that is frequently being used is a Computer Network. To get a detailed explanation and understanding of networking, candidates can visit the linked article.
  • 5. History and Development of Firewall The term ‘Firewall’ actually meant a wall which intended to confine a fire within a line of adjacent buildings.  It was only in the late 1980s when this was acknowledged as a computer terminology. It was during this time that the Internet has started to emerge as a new tool for global use. Thus, having a means which could secure the transmission and flow of data was required by many. Until the Firewall was introduced, routers performed the same function as it restricted the number of people who could use a particular network.
  • 6. Types of Firewall Packet-Filtering Firewalls Circuit-Level Gateways Stateful Inspection Firewalls Proxy Firewalls Next-Generation Firewalls Cloud Firewalls Software Firewalls Hardware Firewalls
  • 7. Packet-Filtering Firewalls When it comes to types of firewalls based on their method of operation, the most basic type is the packet-filtering firewall. It serves as an inline security checkpoint attached to a router or switch. As the name suggests, it monitors network traffic by filtering incoming packets according to the information they carry. As explained above, each data packet consists of a header and the data it transmits. This type of firewall decides whether a packet is allowed or denied access based on the header information. To do so, it inspects the protocol, source IP address, destination IP, source port, and destination port. Depending on how the numbers match the access control list (rules defining wanted/unwanted traffic), the packets are passed on or dropped.
  • 8.
  • 9. Advantages Fast and efficient for filtering headers. – Don’t use up a lot of resources. – Low cost. Disadvantages No payload check. Vulnerable to IP spoofing. Cannot filter application layer protocols. No user authentication.
  • 10. Circuit-Level Gateways Circuit-level gateways are a type of firewall that work at the session layer of the OSI model, observing TCP (Transmission Control Protocol) connections and sessions. Their primary function is to ensure the established connections are safe. In most cases, circuit-level firewalls are built into some type of software or an already existing firewall. Like pocket-filtering firewalls, they don’t inspect the actual data but rather the information about the transaction.  Additionally, circuit-level gateways are practical, simple to set up, and don’t require a separate proxy server.
  • 11. Advantages Resource and cost-efficient. – Provide data hiding and protect against address exposure. – Check TCP handshakes. Disadvantages No content filtering. – No application layer security. – Require software modifications.
  • 12. Stateful Inspection Firewalls A stateful inspection firewall keeps track of the state of a connection by monitoring the TCP 3- way handshake.  This allows it to keep track of the entire connection – from start to end – permitting only expected return traffic inbound. When starting a connection and requesting data, the stateful inspection builds a database (state table) and stores the connection information.  In the state table, it notes the source IP, source port, destination IP, and destination port for each connection
  • 13. Cont., Using the stateful inspection method, it dynamically creates firewall rules to allow anticipated traffic. This type of firewall is used as additional security.  It enforces more checks and is safer compared to stateless filters.  However, unlike stateless/packet filtering, stateful firewalls inspect the actual data transmitted across multiple packets instead of just the headers. Because of this, they also require more system resources. Keep track of the entire session. Inspect headers and packet payloads.
  • 14. Proxy Firewalls A proxy firewall serves as an intermediate device between internal and external systems communicating over the Internet. It protects a network by forwarding requests from the original client and masking it as its own. Proxy means to serve as a substitute and, accordingly, that is the role it plays. It substitutes for the client that is sending the request. When a client sends a request to access a web page, the message is intersected by the proxy server. The proxy forwards the message to the web server, pretending to be the client. Doing so hides the client’s identification and geolocation, protecting it from any restrictions and potential attacks. The web server then responds and gives the proxy the requested information, which is passed on to the client.
  • 15. Next-Generation Firewalls The next-generation firewall is a security device that combines a number of functions of other firewalls. It incorporates packet, stateful, and deep packet inspection. Simply put, NGFW checks the actual payload of the packet instead of focusing solely on header information. Unlike traditional firewalls, the next-gen firewall inspects the entire transaction of data, including the TCP handshakes, surface-level, and deep packet inspection. Using NGFW is adequate protection from malware attacks, external threats, and intrusion. These devices are quite flexible, and there is no clear-cut definition of the functionalities they offer. Therefore, make sure to explore what each specific option provides.
  • 16. Cloud Firewalls A cloud firewall or firewall-as-a-service (Faas) is a cloud solution for network protection. Like other cloud solutions, it is maintained and run on the Internet by third-party vendors. Clients often utilize cloud firewalls as proxy servers, but the configuration can vary according to the demand. Their main advantage is scalability. They are independent of physical resources, which allows scaling the firewall capacity according to the traffic load. Businesses use this solution to protect an internal network or other cloud infrastructures (Iaas/Paas).
  • 17. Software Firewalls A software firewall is installed on the host device. Accordingly, this type of firewall is also known as a Host Firewall. Since it is attached to a specific device, it has to utilize its resources to work. Therefore, it is inevitable for it to use up some of the system’s RAM and CPU. If there are multiple devices, you need to install the software on each device. Since it needs to be compatible with the host, it requires individual configuration for each.  Hence, the main disadvantage is the time and knowledge needed to administrate and manage firewalls for each device. On the other hand, the advantage of software firewalls is that they can distinguish between programs while filtering incoming and outgoing traffic. Hence, they can deny access to one program while allowing access to another.
  • 18. Hardware Firewalls As the name suggests, hardware firewalls are security devices that represent a separate piece of hardware placed between an internal and external network (the Internet). This type is also known as an Appliance Firewall. Unlike a software firewall, a hardware firewall has its resources and doesn’t consume any CPU or RAM from the host devices. It is a physical appliance that serves as a gateway for traffic passing to and from an internal network. They are used by medium and large organizations that have multiple computers working inside the same network. Utilizing hardware firewalls in such cases is more practical than installing individual software on each device. Configuring and managing a hardware firewall requires knowledge and skill, so make sure there is a skilled team to take on this responsibility.
  • 19. Functions of Firewall Any data which enters or exits a computer network has to pass through the Firewall All the valuable information stays intact if the data packets are securely passed through the Firewall Every time a data packets passed through a Firewall, it records it which allows the user to record the network activity No data can be modified as it is held securely within the data packets Precisely, a Firewall ensures that all the data is secure and any malicious data trying to enter the internal network is not allowed to pass through.