What is a Firewall?
A firewall is a network security device that monitors, filters, and controls incoming and outgoing traffic according to a predetermined set of rules. It forms a barrier between a trusted internal network and untrusted external networks. It can be either a dedicated hardware appliance or software installed on a secured host computer.
It examines each packet (a group of bytes carrying data to or from an external computer) and decides whether to permit or block it based on fields in the packet header, such as the source and destination IP addresses, the port numbers, and the protocol. This process is called packet filtering. Firewalls that perform only this function are referred to as packet-based firewalls or network-layer firewalls.
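The following is an added example, not code from the original article: a minimal stateless packet filter that applies an ordered rule list to the header fields named above, with first-match-wins and a default of block. The policy, the 192.0.2.0/24 internal range and the sample packets are constructed for illustration.

```python
# Added example (not from the article): a toy inbound packet filter.
# Rules are evaluated top to bottom; the first matching rule decides,
# and a packet that matches no rule is blocked (default deny).
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "block"
    proto: Optional[str] = None   # "tcp", "udp", "icmp"; None matches any
    src: Optional[str] = None     # source CIDR; None matches any
    dst: Optional[str] = None     # destination CIDR; None matches any
    dport: Optional[int] = None   # destination port; None matches any

    def matches(self, pkt: dict) -> bool:
        """Return True when every specified field of the rule matches the header."""
        if self.proto is not None and pkt["proto"] != self.proto:
            return False
        if self.src is not None and ip_address(pkt["src"]) not in ip_network(self.src):
            return False
        if self.dst is not None and ip_address(pkt["dst"]) not in ip_network(self.dst):
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return True

# Constructed policy for a perimeter firewall protecting 192.0.2.0/24 (inbound side).
POLICY = [
    # Anti-spoofing: traffic arriving from outside must not claim an internal source.
    Rule("block", src="192.0.2.0/24"),
    # Public HTTPS server and DNS resolver are the only services exposed.
    Rule("permit", proto="tcp", dst="192.0.2.10/32", dport=443),
    Rule("permit", proto="udp", dst="192.0.2.53/32", dport=53),
    # Explicit block so the intent is visible in the rule set, not just implied.
    Rule("block", proto="tcp", dport=23),
]

def decide(pkt: dict, policy=POLICY) -> str:
    """Return the action of the first matching rule, or 'block' if none matches."""
    for rule in policy:
        if rule.matches(pkt):
            return rule.action
    return "block"

# Constructed sample headers; dport is absent for ICMP, which has no ports.
SAMPLE_PACKETS = [
    {"proto": "tcp", "src": "198.51.100.7", "dst": "192.0.2.10", "dport": 443},
    {"proto": "tcp", "src": "198.51.100.7", "dst": "192.0.2.10", "dport": 22},
    {"proto": "tcp", "src": "192.0.2.44", "dst": "192.0.2.10", "dport": 443},
    {"proto": "icmp", "src": "203.0.113.5", "dst": "192.0.2.10"},
]
```

Swapping the anti-spoofing rule below the HTTPS permit rule lets the spoofed packet through, which is why rule order is reviewed as carefully as the rules themselves.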
A more advanced firewall can also detect illegitimate network connections, such as those made by malware to remotely control computers in your organization, or those that enrol infected machines in a botnet, a large group of compromised hosts commanded by attackers. It can also block network access to websites known to host malicious content. This capability is commonly called content filtering.
Modern networks have more entry points and more kinds of users, so stronger access control and security at the host level are required. To meet this need, next-generation firewalls (NGFWs) combine traditional firewall capabilities with intrusion detection and prevention systems. In addition, these devices can automatically reallocate resources between the firewall and other security applications during unexpected traffic peaks, and return them to normal operation once conditions subside.