BotNet News

Your source for Online Security News

Firewall

A firewall is security software or a dedicated hardware-software unit that restricts traffic entering, leaving, or moving within a private network. It analyzes incoming data packets against pre-established security rules to determine whether they are benign or malicious, then either allows them to pass or blocks them.

Firewalls protect networks from attacks by analyzing the contents of a packet and determining whether it contains malicious code. Some firewalls also inspect the network connection itself to prevent unauthorized connections from using your private data and other resources.

There are three primary types of firewalls: circuit-level gateways, stateful inspection firewalls, and proxy (application-layer) firewalls. Each type specializes in protecting specific applications from different threats and vulnerabilities.

Circuit-Level Gateways

Unlike application-layer firewalls, which examine packets to determine their content, circuit-level gateways verify the Transmission Control Protocol (TCP) handshake to ensure that the session is legitimate. They are resource-efficient and provide a higher level of protection than packet-based firewalls.

Packet Filtering Firewalls

The oldest and most basic form of firewall, packet filtering firewalls allow or block the flow of data based on the source IP address, destination IP address, protocol, and port of the packet. While these firewalls provide a basic level of protection, they are extremely limited in their ability to detect advanced threats and attacks.

Proxy Firewalls

Unlike packet-filtering firewalls, proxy firewalls are able to read and understand more complex application protocols like FTP, HTTP, and DNS. They can also inspect the payload of a data packet to distinguish valid requests from malicious code disguised as a valid request for data.
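
The difference between the packet-filtering and proxy firewalls described above, shown as an added example that is not part of the original article: a header-only filter and an HTTP-aware check are run over the same constructed traffic. The rule set, the addresses (documentation ranges), the allowed-method list and the function names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    payload: bytes = b""

# Constructed rules (action, src net, dst net, protocol, port); first match wins, default deny.
RULES = [
    ("deny",  "203.0.113.0/24", "0.0.0.0/0",     "tcp", None),  # None = any port
    ("allow", "0.0.0.0/0",      "192.0.2.10/32", "tcp", 80),
]

def packet_filter(pkt, rules=RULES):
    """Packet filtering: decide on source, destination, protocol and port only."""
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    for action, src_net, dst_net, proto, port in rules:
        nets_match = src in ipaddress.ip_network(src_net) and dst in ipaddress.ip_network(dst_net)
        if nets_match and proto == pkt.proto and port in (None, pkt.dport):
            return action
    return "deny"

ALLOWED_METHODS = {"GET", "HEAD", "POST"}  # assumed policy for this example

def http_proxy_check(pkt):
    """Proxy-style check: the payload must also parse as an allowed HTTP request."""
    if packet_filter(pkt) != "allow":
        return "deny"
    request_line = pkt.payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        return "deny"  # not HTTP at all, despite arriving on port 80
    return "allow" if parts[0] in ALLOWED_METHODS else "deny"

# Constructed sample traffic.
WEB = Packet("198.51.100.7", "192.0.2.10", "tcp", 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n")
NOT_HTTP = Packet("198.51.100.7", "192.0.2.10", "tcp", 80, b"\x00\x01binary-tunnel-data")
BAD_METHOD = Packet("198.51.100.7", "192.0.2.10", "tcp", 80, b"DELETE /index.html HTTP/1.1\r\n\r\n")
BLOCKED_SRC = Packet("203.0.113.9", "192.0.2.10", "tcp", 80, WEB.payload)
SSH = Packet("198.51.100.7", "192.0.2.10", "tcp", 22)

if __name__ == "__main__":
    for p in (WEB, NOT_HTTP, BAD_METHOD, BLOCKED_SRC, SSH):
        print(p.src, p.dport, "filter:", packet_filter(p), "proxy:", http_proxy_check(p))
```

The packet filter allows the non-HTTP payload and the disallowed method because their headers match the port 80 rule; only the payload-aware check denies them.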