BotNet News

Your source for Online Security News

Firewall

Firewalls are network devices that filter incoming data and allow or block specific packets based on pre-established security rules. They protect networks by blocking malicious traffic and alerting users to intrusions.

Modern firewalls can be software based or hardware appliances. Most come with a default policy that is generally less restrictive than organizations need in order to be effective and prevent cyberattacks. These default settings should be reviewed and changed regularly to stay up-to-date with new cybersecurity threats as they develop.

The most basic firewall is a packet filter that inspects data packets and looks at multiple aspects of each, including source, destination and type code (which indicates what the packet is meant to do). In general, it allows good traffic into the private network and blocks malicious traffic that could otherwise lead to a cyberattack.

More advanced firewalls can also monitor applications and protocols in order to detect and stop attacks. They can also use advanced authentication mechanisms to tackle the weakness of traditional passwords by using different types of security tokens and other methods to verify user identity.

Those that perform deep packet inspection (DPI) can look at things like the contents of each packet and which application the packet is trying to access, which can help stop malware attacks that try to terminate an existing process and take over its port. Another feature that is available is identity awareness, which lets the firewall enforce rules based on who the client is.