BotNet News

Your source for Online Security News

Firewall

Firewalls are software or hardware systems that form a barrier between segments of your network and the internet. They inspect data as it comes in and as it goes out, preventing hackers from penetrating your system, stealing sensitive information or spreading malware.

Firewall software works much like a guard at a gate, examining each packet of data that arrives and making a decision based on where it came from, where it is going, or both. Like a denied visitor being turned away, a blocked data packet is simply rejected and never makes it into your system.

Different firewall types use a variety of methods to examine and evaluate data packets, from simple packet filtering and TCP verification to stateful inspection, proxy services, and advanced threat protection techniques. They also differ in terms of performance impact and ease of management.

Packet-filtering firewalls examine each data packet against a set of rules that are created and updated manually, relying on basic criteria like IP addresses, ports, ICMP type codes and more. These are the most common and widely used, but offer only limited security. They can be bypassed by savvy hackers, which is why it’s important to upgrade to a more robust solution such as a stateful inspection firewall or a next-generation firewall (NGFW).
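To make the difference concrete, here is a small sketch added for illustration (it is not taken from any firewall product): a stateless packet filter and a stateful filter judge the same three constructed packets. The addresses, ports, rule list and all names are assumptions, and the stateful filter tracks only the address and port 4-tuple, whereas real products also track TCP flags and timeouts.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

# Constructed packet model: direction is "in" or "out" relative to the protected network.
Packet = namedtuple("Packet", "direction src sport dst dport")
INSIDE = ip_network("10.0.0.0/24")   # assumed internal range
ANY = ip_network("0.0.0.0/0")

# Stateless rules, first match wins: (direction, src net, sport, dst net, dport, action).
# A port of None means "any port".
RULES = [
    ("out", INSIDE, None, ANY, 443, "allow"),   # clients may open HTTPS connections
    ("in", ANY, 443, INSIDE, None, "allow"),    # intended for replies from HTTPS servers
]

def stateless_filter(pkt):
    """Judge each packet in isolation against the static rule list; default deny."""
    for direction, snet, sport, dnet, dport, action in RULES:
        if (pkt.direction == direction
                and ip_address(pkt.src) in snet and ip_address(pkt.dst) in dnet
                and sport in (None, pkt.sport) and dport in (None, pkt.dport)):
            return action
    return "deny"

class StatefulFilter:
    """Apply the outbound policy, then admit inbound packets only for tracked connections."""
    def __init__(self):
        self.connections = set()

    def check(self, pkt):
        if pkt.direction == "out":
            if stateless_filter(pkt) != "allow":
                return "deny"
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        # Inbound: the reversed 4-tuple must match a connection opened from inside.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if key in self.connections else "deny"

def demo():
    request = Packet("out", "10.0.0.5", 51000, "203.0.113.10", 443)
    reply = Packet("in", "203.0.113.10", 443, "10.0.0.5", 51000)
    unsolicited = Packet("in", "198.51.100.7", 443, "10.0.0.9", 5000)  # no prior request
    fw = StatefulFilter()
    packets = (request, reply, unsolicited)
    return {"stateless": [stateless_filter(p) for p in packets],
            "stateful": [fw.check(p) for p in packets]}

if __name__ == "__main__":
    print(demo())
```

The stateless rule meant for replies admits the unsolicited packet because it can only look at the source port, while the stateful filter drops it because no inside host opened that connection.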

A proxy firewall acts as a middleman between external networks and internal host computers. It inspects each data packet based on the policies and rules set for specific applications such as FTP, HTTP, DNS, etc. Proxy firewalls are a more sophisticated and secure option, but have a greater performance impact on the overall network.

A next-generation firewall offers more powerful security by examining data packets at multiple layers of the OSI model. This enables it to read and analyze both the payloads and the headers of data packets for more in-depth examination and prevention of threats.