BotNet News

Your source for Online Security News

Firewall is an important part of your network security system that helps in keeping threats away from internal networks. It is a system that filters network traffic coming from outside of the organization and identifies any suspicious activity and blocks it. Firewall can be installed in a hardware appliance or as software in your computer. It is essential to keep your firewall updated as new threat patterns are discovered. Having a well-designed and optimized firewall rule base will help in delivering expected security protection. This can be done by discarding unessential shadowed rules and removing duplicates or unnecessary rules that hinder the firewall performance.

Before the advent of firewalls, network security was performed by Access Control Lists (ACL) residing on routers. But ACL could not identify the nature of a packet it was dealing with, so they were less effective. Firewalls are able to detect and block malicious packets by matching them against a set of pre-configured rules.

In-depth Analysis

Firewalls are categorized as network-based and host-based systems. Network-based firewalls are positioned between networks and are able to monitor inbound and outbound network traffic on a per-device basis. They are available as software or hardware appliances that can be installed on general-purpose or special-purpose hardware. NGFWs are integrated devices that offer firewall, intrusion detection and prevention, and virtual private networking functions in one device to deliver flexibility and efficiency.

Packet filtering firewalls operate in line at junction points and analyze the information contained within each packet of data as it is being transferred across the network. Any information that is flagged as suspicious is blocked and the packet is discarded before it can cause harm to the system. Circuit level gateways examine the handshake between cyber entities in the session layer of the Open System Interconnection (OSI) model to determine whether the connection is legitimate.