How does Firewall Work and Why do you Need a Firewall

H

Firewall

Every computer connected to the Internet (more precisely, any computer network) is susceptible to being the victim of attack by hackers. Attackers try to sweep the network (sending data packets in a random way) in search of a connected machine. Then look for a security hole and tries to penetrate from that point.

Computers connected to network permanently are in greater danger of attacks. The computer can be affected for several reasons. For example, the target computer is connected without permanent supervision, it does not change IP address frequently or does it very extensively. Fortunately, a tool called Firewall is to protect us from the intrusions of these cyber criminals.

Read This: How to troubleshoot Internet connection

What is a Firewall?

Firewall is a software or hardware devices designed to protect any interconnection points between an internal private network (eg. an Intranet) and an external public network (eg. Internet) or between two different networks.

Firewall act like filters. It controls all the incoming and outgoing traffic in a network. It only permits authorized traffic through the network.

To explain it a bit further, the logical functioning of the Internet is based on TCP / IP protocol. It can be thought as a stack. Each level of this stack, deals with managing a single problem.
In a TCP / IP network or Internet, each connected device is uniquely identified with an IP address. In this way, the device will be reachable from any other device physically connected to the Internet from any part of the world.

The nature of TCP / IP imposes the use of a firewall that protects the perimeter of the local computer network. In other words, the resources available on servers and workstations connected to your LAN should not be exposed to the outside, unless specifically needed.

How does a Firewall Work?

how does a Firewall work

A firewall works as a barrier between the internet or other public networks and your computer. Any type of traffic that is not on the list allowed by the firewall can not enter or leave the computer. The hardware and software firewalls work the same way. In accordance with the configuration defined by the user, the firewall compares the received data with security policies and either skips or blocks packets. To illustrate the thing, let’s imagine that a computer is a shopping bag. You are a firewall, and the Internet is a store with products. You have a list of purchases of what you need to buy, consider it as firewall permissions. Let it contain elements such as “vegetables”, “fruits” and “bread”.

On the computer, the firewall will block the passage of any element that is different from the “vegetables”, “fruits” and “bread”, and will not allow them into your “bag”, and will only skip what is on the list, such a list is called whitelist. Hence the importance of properly configuring the firewall, because if you turn the “beer” or “chips” into a whitelist, the firewall will not block them. This method is called Packet Filtering. All data passing through the network is organized in packages.

As with any other security solution, the firewall can not provide 100% protection, since there are intruders who specialize in penetrating all security elements using undocumented Windows features and other tools and techniques. For example, experienced hackers can present their product “chips” under the guise of “bread”, hiding inside, which naturally corresponds to the allowed firewall rules and it will miss it, and then having access to your machine will do its dirty business.

A firewall system contains a set of predefined rules that allow:

  • Authorize a connection (Allow)
  • Block a connection (Deny)
  • Redirect a connection request without notifying the sender (Drop).

The set of these rules allows to install a filtering method dependent on the security policy adopted by the organization. There are usually two types of security policies that allow:

  • Allow only explicitly authorized communications: “Everything not explicitly allowed is strictly forbidden”.
  • Prohibit everything that’s not explicitly permitted.

Hardware Firewall

hardware firewall is usually installed on the routers we use to access the Internet, which means that all the computers behind the router will be protected by a firewall that is included in the device. Most of the routers come with a firewall installed.

The configuration of a hardware firewall is more complicated than the installation of a software firewall. The configuration is usually done through the browser used to access the Internet. The price difference between a router with a firewall and a router without a firewall is very small. So it is advisable to buy a router with firewall protection.

It is possible to have a hardware firewall and a software firewall simultaneously active to achieve greater protection, but you have to have an extensive knowledge in the security field so that all of this fulfills its function correctly without overlapping.

How does a Hardware Firewall Work?

Hardware firewalls use proprietary operating systems specially designed by developers to filter packets.

In order to hardware firewall to work properly, it is important to correctly install it. Then connect it after configuring it properly. The hardware firewall is a simple device that includes a set of applications for centralizing access control and protecting information. The main functions performed by the hardware firewall are the same as those of the software like packet analysis, traffic filtering and redirection, connection authentication, protocol content locking, data encryption etc.

Often to increase the security it is necessary to install several hardware firewalls. It is possible to combine different types of hardware firewall into one system. The use of firewalls with different structures on the basis of different architectures allows creating a higher level of protection.

The biggest difference between a software and a hardware firewall is not in functionality. Difference in the way of use. Nobody hinders to choose a hardware firewall with the necessary functions. Typically, a software firewall is installed on each network PC (for each server and for each workstation). Hardware firewall does not protect a single PC, but the entire network at once. Of course, no one will prevent you from installing a hardware firewall for each PC, but it all depends on the money. Given the cost of hardware, you probably will not want to protect each PC with a hardware firewall.

What Does Firewall Do?

Basically Firewall protects you from the unwanted penetration of your network. Firewall covers ranges of features that include:

  1.  Prevent a hacker or an unauthorized person from remotely connecting to our computer.
  2.  Analyzes all network packets.
  3.  It is able to block traffic to certain malicious websites.
  4.  Block dangerous web pages, with inappropriate and immoral content.
  5.  Prevents external or strange applications from connecting to your computer.
  6.  It can deny certain types of traffic if you set the firewall rules properly.
  7.  Protect your Internal Network Address (NAT).

What Firewall Cannot do?

Lots of things Firewall cannot do when it is about total online protection from every kind of threats. Here we have listed down the things Firewall cannot do.

  1. Firewall cannot protect you from Viruses.
  2. It cannot filter spam. So you have to take care of this of your own.
  3. Firewall cannot prevent phishing, malware threats.
  4. It can’t prevent keyloggers to make log of your key tapping. In this way your passwords get into danger.
  5. Firewall cannot filter email attachment.

Firewalls Types

Basically there are five types of Firewall. But in the firewall industry, different companies refer the same firewall type with different terminology. Here are the five firewall types.

  1. Basic Packet Filter
  2. Circuit level gateways
  3. Application level gateways
  4. Stateful inspection firewalls
  5. Next-generation firewalls

Do Firewalls Protect Against Viruses?

The short answer is “No“. The basic function and characteristics of an Antivirus are different from Firewall. They are two different security and control systems. They are absolutely complementary each other, but not alternative.

Antivirus protects your PC from viruses perfectly through a control engine designed for a single file check.

The Firewall monitors, allows or blocks incoming and outgoing connections in the computer network. To guarantee the security of your computer network you can not disregard both of these tools. There are some Firewall software that have only basic protection functionalities. On the other hand, there are some security software which bundled with both antivirus and firewall features.

Importance of Firewall

The firewall continues to be a highly used security mechanism in organizations. According to the study ESET Security Report Latin America 2014, 76.6% of executives surveyed in 14 countries in the region said they have firewall solution, which places it in second place after the antivirus, in terms of most used security tools.

Firewall is necessary due to the benefits it provides in terms of protection. Mainly, filtering external connections that tend to penetrate some types of malicious software such as worms, viruses or botnets. Also, avoid penetration of possible intruders in the network or as a security measure to control connections to the outside.

About the author

Shoaib Ibn Abdullah

Add comment

Recent Posts

About Us

OS Troubleshoot is dedicated to provide the solutions of popular operating system’s problems. Our goal is to gather all the troubleshooting solutions in one place.