Firewalls Explained

By Dani Magestro
Updated: June 25, 2012

At the heart of every enterprise solution should be a strong firewall. Firewalls are security solutions, either software or hardware based, that help protect your network. Think of a firewall as the security checkpoint for your data. Nothing can get in or out without going through the checkpoint. The checkpoint analyzes every packet and then determines whether it should be allowed to pass through.

Networks are designed such that there is an outside connection (usually the internet) to which you are connected in order to communicate and transfer data. That connection passes through your firewall to reach your internal network. If you allow data to pass through without any filtering or inspection, you risk compromising your network and data. Everything from corrupted data entering your data and application systems, to viruses and automated attempts to break into your system, up to human-controlled attempts to hack into your systems and data can occur if you do not have the necessary security measures in place.

When learning about firewalls, it’s important to understand that a firewall is a system that is built to protect your network. There are multiple firewall setups you can purchase and implement. Some PCs that run Windows even come with their own operating system firewall that consumers can use to help protect themselves and their data.

Firewall technologies have evolved mostly in three generations. The first of these is the packet filter. Packet filters did just what the name says: they filtered packets of data (the fundamental building block of data transfer on networks) to decide whether the data should be allowed to continue on. If the data passed the set of filter rules, it could carry on to the next point in the network. If it did not pass the rules, it was simply rejected, often resulting in an error message and additional notifications.

The second generation of firewall technology was the firewall with stateful filters, known as the stateful firewall. These keep track of network connections, allowing the firewall to match packets with connections and make sure they are authorized on the network. While firewalls were originally invented to block incoming traffic, stateful filters make it possible to manage which connections are allowed and what packets of data can pass through. Rather than simply analyzing the data to determine whether or not it is acceptable, they can look at the network connection and determine if it has the authority to be sending data at all.
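The difference between the first two generations can be seen in a small simulation. This is an added example, not part of the original article; the addresses, ports, allow-all-outbound policy and simplified TCP flags are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # simplified TCP flags: "SYN", "SYN-ACK", "ACK", "FIN"
    inbound: bool   # True when the packet arrives from the outside network

def packet_filter(pkt):
    """First generation: judge each packet alone against static rules."""
    if not pkt.inbound:
        return True              # assumed policy: all outbound traffic allowed
    # To let web replies back in, a stateless rule must admit any inbound
    # packet whose source port is 443, whether or not anyone asked for it.
    return pkt.sport == 443

class StatefulFirewall:
    """Second generation: inbound packets must match a tracked connection."""
    def __init__(self):
        self.connections = set()

    def check(self, pkt):
        if not pkt.inbound:
            if pkt.flags == "SYN":   # internal host opens a connection
                self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)  # reply tuple reversed
        if key not in self.connections:
            return False             # no matching connection: drop
        if pkt.flags == "FIN":       # simplified teardown: forget the state
            self.connections.discard(key)
        return True

# Constructed sample traffic (documentation address ranges).
TRAFFIC = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "SYN", False),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SYN-ACK", True),
    Packet("198.51.100.7", 443, "10.0.0.5", 3389, "ACK", True),   # unsolicited
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "FIN", True),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "ACK", True),  # after close
]

def evaluate(packets):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.check(p)) for p in packets]
```

The packet filter passes the unsolicited packet and the packet sent after the connection closed because both carry source port 443, while the stateful firewall drops them because neither matches a tracked connection.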

The third generation of firewall technology is the application layer firewall. These have revolutionized the way data packets are managed and controlled when passing through the network by adding a layer that determines whether or not the communication or data is appropriate for the application to which it is being delivered.

A key element of some firewalls is a proxy server. Proxy servers hide IP addresses and other identifying information. They help increase performance and security when implemented in a network, since they can also help block websites that might be unsafe or distracting to employees. You may have heard people at work talking about getting around a proxy or firewall in order to surf the web free of restrictions. People usually do this by using proxy bypass websites that allow users to browse the web through the bypass site, using it as another layer of software to access the internet.

So why would you need to worry about implementing a firewall within your network infrastructure? Several security concerns have contributed to the need to protect your data. One reason is that, since data no longer passes just within your organization, you have to protect it from whoever else might try to intercept it. By allowing it to go outside your network, and by accepting data transfers in, you open up a world of possibilities for data breaches. Data breaches by hackers and other malicious activity are the number one reason for implementing a firewall.

The second most important reason to implement a firewall within your network is so that you can filter out offensive information within your business environment. Firewalls and their related technologies give you the upper hand in being able to filter out information that is not safe for the business of your organization.

Firewalls are important in any network infrastructure and are a strong tool you can use to secure your data. Using them is key to keeping your network walls up and ensuring that the automatic gatekeepers are doing their part as well.
