BotNet News

Your source for Online Security News

Firewall

Firewalls filter and analyze data packets as they enter a private network, allowing or blocking them based on a set of pre-established rules. They serve as your organization’s first line of defense to mitigate the risk of cyberattacks that can degrade or disrupt business operations, online transactions and communications.

A firewall safeguards private networks, including home and office computers and other devices that ‘talk’ to each other across the Internet. Firewalls protect against unauthorized threats such as malware (ransomware, viruses, spyware, adware), trojan horses and worms that infiltrate one device and then spread to other devices on the network.

The most basic type of firewall uses a set of rules to determine whether or not a data packet should enter the guarded network. These rules are based on information such as the packet’s source and destination addresses, the application it is meant for, and its content.

Packet filters examine each piece of data sent over a computer network, called a packet, which includes the sender’s and receiver’s IP addresses and port numbers. The firewall compares this data to a set of rules and decides to open or close the network gate accordingly.

While these packet filters are good at catching simple types of attacks, they can be hijacked by hackers who “man-in-the-middle” traffic and send altered data packets that match the original, legitimate ones. Deep packet inspection, also known as DPI, identifies malware and other malicious code by scanning for signatures in individual data packets instead of inspecting the entire connection. This technology also detects changes in the underlying protocol used to transfer the packet’s contents, which is especially useful when it comes to detecting hidden Trojan horses and other threats.