Firewall – the safety zone

A firewall is dedicated software running on a separate computer, or an appliance, that inspects the network traffic passing through it and permits or denies passage on the basis of a set of rules. In other words, the main function of a firewall is to regulate traffic between computer networks of different trust levels. The Internet is the “no trust zone” and an “internal network” is the high trust zone, so a firewall is used to prevent unwanted intrusion into a personal network.

The zones a firewall separates differ in trust level: an internal network is a higher trust zone and the Internet is a no trust zone. A zone of intermediate trust, placed between an internal network and the Internet, is often called a demilitarized zone (DMZ) or a perimeter network. If a firewall is not installed and configured carefully, its purpose is defeated. Standard security practice calls for a definite set of rules under which only the permissible network connections are allowed. This type of configuration requires a detailed understanding of the endpoints and network applications the organization needs for its operations. Most businesses lack that understanding and instead put into practice a “default allow” set of rules, where all traffic has free entry unless it is purposely blocked.
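The difference between the two rule-set styles described above can be seen in a small first-match rule evaluator. This is an added example, not part of the original article; the zone names, rules, ports and sample flows are constructed for illustration, and the explicit rule set is evaluated with a default of deny (the usual name for that practice is “default deny”).

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    src_zone: str            # "internet", "dmz", "internal" or "*" for any
    dst_zone: str
    dst_port: Optional[int]  # None matches any port

    def matches(self, src, dst, port):
        return (self.src_zone in ("*", src) and self.dst_zone in ("*", dst)
                and self.dst_port in (None, port))

def decide(rules, default, src, dst, port):
    """First matching rule wins; the default policy handles everything else."""
    for rule in rules:
        if rule.matches(src, dst, port):
            return rule.action
    return default

# "Default allow" style: only traffic someone thought to block is rejected.
BLOCKLIST = [
    Rule("deny", "internet", "internal", 23),    # telnet
    Rule("deny", "internet", "internal", 445),   # SMB file sharing
]
# Explicit style: every flow the organization needs is listed (constructed).
ALLOWLIST = [
    Rule("allow", "internet", "dmz", 443),       # public web server in the DMZ
    Rule("allow", "internal", "internet", 443),  # outbound web browsing
    Rule("allow", "internal", "dmz", 22),        # admin access to DMZ hosts
]
# Constructed sample flows: (source zone, destination zone, destination port)
FLOWS = [
    ("internet", "dmz", 443),
    ("internet", "internal", 445),
    ("internet", "internal", 3389),  # remote desktop, never explicitly blocked
    ("dmz", "internal", 3306),       # DMZ host reaching an internal database
    ("internal", "internet", 443),
]

def unintended(flows):
    """Flows that default allow passes but the explicit rule set rejects."""
    return [f for f in flows
            if decide(BLOCKLIST, "allow", *f) == "allow"
            and decide(ALLOWLIST, "deny", *f) == "deny"]

if __name__ == "__main__":
    for flow in unintended(FLOWS):
        print("passes only under default allow:", flow)
```

The two flows it reports are exactly the ones nobody anticipated when writing the block list, which is why the explicit rule set needs the detailed knowledge of endpoints and applications mentioned above.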

Protection of a personal or home network starts with setting up a hardware firewall. The routers that fill this role rely on network address translation (NAT). Some users also use stateful packet inspection (SPI), a more advanced design that guarantees the data computers receive is data they had asked for. After the router is set up, its password needs to be changed periodically for safety reasons.

Related Weblinks

The Firewall FAQ
Dartmouth College Institute for Security Technology Studies firewall FAQ and other information and research documents in related areas.

Firewalls and Internet Security: Repelling the Wily Hacker
Web site for the book Firewalls and Internet Security: Repelling the Wily Hacker Second Edition by William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin. Contains some sample sections and a link to the complete contents of the First Edition.