BotNet News

Firewalls help in preventing cyber attacks by blocking unwanted traffic and keeping your network secure.

A firewall is a software or hardware device that filters the data packets entering your computer and network. When a malicious or harmful data packet is detected, the firewall blocks it from entering your computer or network.

Stateful inspection firewalls monitor open connections, comparing the packet header to its table of established connection information. If the packet matches an existing connection, the firewall lets it through without further analysis. However, these types of firewalls can be vulnerable to denial-of-service (DoS) attacks, which take advantage of connections that are already established.

Unified threat management firewalls integrate antivirus, anti-malware, content filtering, and intrusion prevention systems into a single system. This type of firewall is useful for small and medium-sized businesses that want a single solution to address all their security needs.

Packet filtering firewalls operate inline at junction points where devices such as routers and switches do their work. These firewalls compare each packet to a set of pre-established criteria — such as the allowed IP addresses, type, and port number.

Circuit level: These firewalls monitor TCP handshakes and other network protocol session initiation messages across the network as they are established between the local and remote hosts. The information in these messages can alert the firewall to potentially harmful data, and it can then discard that data before it spreads to other cyber entities.

Generally, there are two basic design policies for firewalls: one permits any service unless it is explicitly denied and the other denies any service unless it has been identified as allowed. These policies are largely influenced by understanding firewall capabilities and limitations as well as threats and vulnerabilities associated with TCP/IP.