you wanted to know about Firewalls (but were afraid to ask)
are increasingly relying on the Internet to perform their day-to-day
business. As an organization’s Internet use has increased, most companies have moved
away from dial-up connections to cable, DSL, and T1 (broadband)
connections that are always connected to the Internet.
While these connections offer substantial performance improvements,
they also expose the computer network to a greater risk of outside
This greater risk has given rise to the increased importance of
protecting data, electronic services, and property from being stolen,
damaged, or misused. One
way to increase network security is to use a firewall.
A firewall provides a boundary between a private network such as
your LAN (Local Area Network) and the outside world.
Firewalls help promote security by acting as a gateway through
which all traffic moving in and out of the network must pass.
A firewall is configured to filter packets, i.e. to let certain
ones through and block all others.
The most basic filtering is done by allowing or denying packets
based on the source or destination IP address.
The next level of filtering is done on the “ports” required
for a particular application (e.g., www, FTP, telnet) to operate.
No firewall is hack-proof, but if your firm only permits outbound
requests (i.e. does not host a web site, FTP site, permit remote access
to email, etc.), you can really make your environment secure by only
permitting in packets that are in response to your own outbound
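
The filtering levels described above (IP address, port, and accepting inbound packets only when they answer an outbound request), modeled as a small Python packet filter. This is an added example, not part of the original article; the addresses, the allowed-port list and the class and function names are constructed for illustration.

```python
# Added example: toy model of the filtering levels described in the text.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")              # assumed private network
BLOCKED_NETS = [ip_network("203.0.113.0/24")]   # assumed IP deny list
ALLOWED_OUTBOUND_PORTS = {21, 80, 443}          # FTP and www; telnet (23) is not allowed

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class StatefulFirewall:
    def __init__(self):
        self.connections = set()  # (lan_ip, lan_port, remote_ip, remote_port)

    def filter(self, pkt):
        src, dst = ip_address(pkt.src), ip_address(pkt.dst)
        # Level 1: allow or deny on source or destination IP address.
        if any(src in net or dst in net for net in BLOCKED_NETS):
            return "DROP"
        if src in LAN and dst not in LAN:
            # Level 2: outbound traffic is limited to permitted application ports.
            if pkt.dport not in ALLOWED_OUTBOUND_PORTS:
                return "DROP"
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "ACCEPT"
        if dst in LAN and src not in LAN:
            # Level 3: inbound is accepted only as a reply to a recorded outbound request.
            key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
            return "ACCEPT" if key in self.connections else "DROP"
        return "DROP"  # default deny for anything else

def demo():
    fw = StatefulFirewall()
    return [
        fw.filter(Packet("192.168.1.10", 50000, "198.51.100.7", 443)),  # outbound web request
        fw.filter(Packet("198.51.100.7", 443, "192.168.1.10", 50000)),  # matching reply
        fw.filter(Packet("198.51.100.7", 443, "192.168.1.10", 50001)),  # reply to a port never used
        fw.filter(Packet("198.51.100.9", 443, "192.168.1.10", 50000)),  # unsolicited, different host
        fw.filter(Packet("192.168.1.10", 50002, "198.51.100.7", 23)),   # outbound telnet
        fw.filter(Packet("192.168.1.10", 50003, "203.0.113.5", 443)),   # destination on deny list
    ]

if __name__ == "__main__":
    print(demo())
```

Only the second packet is let in from outside, because it matches the address and port pair recorded when the first packet left the LAN.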
There are two styles of firewalls, software and hardware. Software firewalls consist of software that is loaded
on a server on your network and then configured.
A very popular software firewall program is Microsoft’s ISA
Server. Software solutions
allow for greater expandability and control; however, they can also have more
vulnerabilities. A hardware
firewall is an additional piece of hardware that is connected between
the external router and LAN. Hardware
firewalls, also known as Firewall Appliances, have become more popular
recently because of their affordability, ease of installation, and ease
Within these styles, firewalls can differ widely in the level of
protection, features that they offer, and price.
Some of these features are closely related to a protection
function whereas others have been bundled for convenience.
Almost all firewalls feature user-definable logging of normal or
suspicious events to serve as an audit trail.
Many firewalls have intrusion and attack detection to protect
your network against denial-of-service attacks, where your router is
flooded with so much data that valid users cannot get through.
Some of the services are those more traditionally associated with
routers, such as Internet connection sharing or VPNs.
If a hard drive is available, caching and reverse caching can be
enabled to store commonly accessed data for faster access.
Some services offered on firewalls replace traditional standalone
products such as web content filtering (prevent access to undesirable web sites), email
content filtering (scan email for certain words, content, or
attachments), spam filtering (to help eliminate the dozens of
unsolicited emails a person might receive each day), and antivirus
filtering (to prevent files with viruses from even entering the