BotNet News

Your source for Online Security News

Firewall

Firewall: A firewall is a security device that helps protect networks and information by controlling incoming and outgoing traffic. It does this by establishing a boundary between an external network and the guarded network, inspecting packets (units of data), and applying pre-established rules to differentiate benign from malicious packets.

A firewall can also block unauthorized access to the network. This is achieved by blocking unauthorized connections to specific ports on the firewall.

Default policy: A default policy is a set of rules that the firewall will follow when no other rule is defined. If no rule is defined to allow SSH connection to a server, the firewall will follow the default policy to allow this.

Application gateway: Applications like web servers and email servers can be targeted by hackers and malware, which can exploit vulnerabilities in web servers or application code to create forged requests to the servers. This can lead to a wide range of security breaches.

Stateful inspection: SMLI firewalls filter packets at the network, transport, and application layers, comparing them against known trusted packets. Similar to NGFW firewalls, SMLI examines the entire packet to ensure that all initiated communications are only taking place with trusted sources.

Unified threat management: UTM firewalls combine SMLI with intrusion prevention and antivirus software, as well as cloud management.

Firewalls can also be implemented in software or virtualized in the cloud, which is especially convenient for large businesses that don’t have the resources to maintain an appliance at their physical locations. However, this means that any changes made to the firewall must be logged and recorded for compliance and audits.