Firewalls Explained

By Dani Magestro
Updated: August 31, 2012

Firewalls Explained

At the heart of every enterprise solution should be a strong firewall. Firewalls are security solutions that can be software or hardware based which help protect your network. Think of a firewall as the security checkpoint for your data. Nothing can get in or out without going through the checkpoint. The checkpoint analyzes every packet and then makes a determination of whether it should be allowed to pass through.

Networks are designed such that there is an outside connection, (usually the internet), to which you are connected in order to communicate and transfer data. That connection is passed through your firewall to reach your internal network. If you allow data to pass through without any filtering or inspection, you run risks of compromising your network and data. Everything from allowing corrupted data into your data and application systems, to viruses and automatic attempts to break into your system, up to human-controlled attempts to hack into your systems and data can occur if you do not have the necessary security measures in place.

When learning about firewalls it’s important to understand that a firewall is a system that is built to protect your network. There are multiple firewall setups you can purchase and implement. Some PC’s that run Windows even come with their own operating system firewall that consumers can use to help protect themselves and their data.

Firewall technologies have evolved mostly in three generations. The first of these is the packet filters type of firewall. Packet filters did just what they said; they filtered packets of data (the fundamental building block of data transfer on networks) in order to see if the data should be allowed to continue on. If the data passed the set of filter rules, it could then carry on and transfer to the next point in the network. During this process if data did not succeed in passing the packet rules it was then simply rejected often resulting in an error message and additional notifications.

The second generation of firewall technology were firewalls with stateful filters, which are known as stateful firewalls. These keep track of network connections, allowing the firewall to match packets with connections and make sure they are authorized on the network. While firewalls were originally invented to block incoming traffic, stateful filters make it possible to manage which connections are allowed and what packets of data can pass through. Rather than simply analyzing the data to determine whether or not it is acceptable, they can look at the network connection and determine if it has the authority to be sending data at all.

The third generation of firewall technologies are application layer firewalls. These have revolutionized the way data packets are managed and controlled when passing through the network. By adding a layer that determines whether or not the communication or data is appropriate for the application to which it is being delivered.

A key element to some firewalls is a proxy server. Proxy servers hide IP addresses and other identifying information. They help increase performance and security when implemented in a network, since they can also help block websites that might be unsafe or distracting to employees. You may have heard people at work talking about getting around a proxy or firewall in order to surf the web free of restrictions. People usually do this by using proxy bypass websites that allow users to browse the web through the bypass site, using it as another layer of software to access the internet.

So why would you need to worry about implementing a firewall within your network infrastructure? There are several security concerns that have attributed to the need to protect your data. One reason is since data no longer passes just within your organization, you have to protect it from whoever else might try to intercept it. By allowing it to go outside your network, and by accepting data transfer in, you now open up a world of possibilities in regards to possible data breaches. Data breaches by hackers and other malicious things is the number one reason for implementing a firewall.

The second most important reason to implement a firewall within your network is so that you can filter out offensive information within your business environment. Firewalls and their related technologies give you the upper hand in being able to filter out information that is not safe for the business of your organization.

Firewalls are important in any network infrastructure and are a strong tool you can use to secure your data. Using them is key to keeping your network walls up and ensuring that the automatic gatekeepers are doing their part as well.

Featured Research