A firewall is a software or hardware system that protects data by selectively restricting the flow of incoming and outgoing traffic on a network. It allows the user to define security policies according to which the traffic is filtered. It isolates the private network from the public network so that access to resources is controlled. A firewall works on different network layers. A firewall acting on one layer enforces the policies assigned to that layer and is not concerned with its operation on other layers.
TYPES OF FIREWALLS:
A firewall is basically a filter which filters the traffic on the network based on the policies laid down for that particular firewall. Firewalls can be classified into different types depending on their tangibility, location and application methods.
1. BASED ON TANGIBILITY
a. HARDWARE FIREWALLS
As the name implies, a hardware firewall is a hardware device placed in the path of the network through which traffic flows. It receives and analyses packets traveling to or from the network. The device then checks a list of previously specified access rules to see if it should allow the packet to continue to its destination, or if the packet should be discarded.
There are a number of advantages of using hardware firewalls.
The firewall devices do not depend on operating systems, such as Microsoft Windows or Linux, so they are immune to the many bugs, viruses, and other malicious attacks that those operating systems suffer from.
Hardware firewalls also perform better and faster than software. They are also scalable, i.e., additional devices can be added as and when needed.
Another advantage is that hardware firewalls only perform firewall related duties and are not burdened with other tasks. This type of single-purpose functionality allows these hardware devices to perform their designed tasks much more effectively than a multi-function software based solution.
Counter to the advantages, hardware firewalls also suffer from a number of disadvantages.
If the device breaks down, all inbound and outbound network traffic stops, which could be unacceptable to an organization.
Also, hardware firewalls require specialized knowledge to install, configure, and administer effectively.
Finally, the financial costs are high due to initial installation costs and the expenses on maintenance and special management of the device.
b. SOFTWARE FIREWALLS
Software based firewalls are installed on an existing device, such as a workstation or server. They perform the same tasks as hardware firewalls, i.e., block or grant access to applications by referring to the configuration access rules.
But software firewalls are different in many aspects. They have some advantages like:
They are much simpler to use and do not require special knowledge to install or maintain.
Because a software firewall is running directly on a computer, it's in a position to know a lot more about network traffic than simply what port it's using and where it's going; it will also know what program is trying to access the Internet and whether it's legit or malicious.
They are less expensive to acquire, as there are a number of free firewall applications available to download and they do not require a hardware device to be installed to make them work.
However, free solutions do not offer all the required features which are available in more expensive applications. Additionally, technical support is not readily available, and the overall effectiveness of free firewalls is suspect enough that they should not even be considered except for personal use or protecting marginally important resources.
Major problems with software based firewalls are:
Since they are installed on an existing operating system, they can be attacked by viruses and malware that have become embedded on their host machine, which increases the likelihood that the firewalls can be disabled or made useless by such attacks.
Also, to use a software firewall the host system must have enough hardware resources (CPU and memory) available for the firewall to operate effectively.
Finally, another disadvantage of software firewalls is that the network administrators have to worry about keeping the firewall software updated and properly patched, and the OS must be hardened as well.
2. BASED ON LOCATION IN NETWORK
a. HOST BASED FIREWALL
A host-based firewall is installed on an individual computer to protect it from activity occurring on its network. It is also known as a personal firewall. The policy may affect what traffic the computer accepts from the Internet, from the local network, or even from itself.
b. NETWORK BASED FIREWALL
A network-based firewall is implemented at a specified point in the network path and protects all computers on the "internal" side of the firewall from all computers on the "external" side of the firewall. Network-based firewalls may be installed at the perimeter of a network to protect the network from hosts on the Internet, such as by separating the corporate systems from the residential systems. A network-based firewall cannot protect one computer from another on the same network, or any computer from itself.
3. BASED ON THE METHODS USED
a. PACKET FILTERING
This works upon the third layer of the network model. It uses pre-determined security rules to create filters. Packets (small chunks of data) are analysed against this particular set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.
Packet filtering firewalls work mainly on the first three layers of the OSI reference model, which means most of the work is done between the network and physical layers, with a little bit of peeking into the transport layer to figure out source and destination port numbers. When a packet originates from the sender and filters through a firewall, the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. When the packet passes through the firewall, it filters the packet on a protocol/port number basis (GSS). For example, if a rule in the firewall exists to block telnet access, then the firewall will block the TCP protocol for port number 23.
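The rule matching described above, as an added example that is not part of the original article: a first-match packet filter that reads the protocol, source address and destination port out of raw IPv4 bytes. The rule set, the default-drop policy and the sample packets are constructed for illustration; only the telnet rule (TCP port 23) comes from the text.

```python
import ipaddress
import struct

# Constructed rule set (first match wins): (action, IP protocol, source network, destination port)
RULES = [
    ("drop",   6,  "0.0.0.0/0",      23),   # block telnet: TCP port 23, as in the text
    ("accept", 6,  "0.0.0.0/0",      80),   # allow HTTP from anywhere
    ("accept", 17, "192.168.1.0/24", 53),   # allow DNS only from the internal LAN
]
DEFAULT_ACTION = "drop"  # assumption: anything not explicitly allowed is discarded


def parse_packet(raw: bytes):
    """Return (protocol, source IP, destination port or None) from a raw IPv4 packet."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (raw[0] & 0x0F) * 4            # header length varies when IP options are present
    proto = raw[9]
    src = ipaddress.ip_address(raw[12:16])
    frag_offset = struct.unpack("!H", raw[6:8])[0] & 0x1FFF
    if proto not in (6, 17) or frag_offset or len(raw) < ihl + 4:
        return proto, src, None          # no readable TCP/UDP port in this packet
    dport = struct.unpack("!H", raw[ihl + 2:ihl + 4])[0]
    return proto, src, dport


def filter_packet(raw: bytes) -> str:
    """Apply RULES in order; malformed or unmatched packets get the default action."""
    try:
        proto, src, dport = parse_packet(raw)
    except ValueError:
        return "drop"
    for action, r_proto, r_net, r_port in RULES:
        if proto == r_proto and dport == r_port and src in ipaddress.ip_network(r_net):
            return action
    return DEFAULT_ACTION


def build_packet(proto, src, dst, sport, dport, options=b""):
    """Build a constructed sample packet (checksums left at zero for brevity)."""
    ihl_words = 5 + len(options) // 4
    transport = struct.pack("!HH", sport, dport) + b"\x00" * 16
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl_words, 0,
                         ihl_words * 4 + len(transport), 0, 0, 64, proto, 0,
                         ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return header + options + transport
```

Note that a non-first IP fragment carries no port numbers, so a filter that only matches on ports can do nothing with it except fall through to the default action.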
b. PROXY SERVICE
Firewall proxy servers, also known as application level firewalls, operate at the application layer of the network. Here both ends of a connection, i.e., the internet and the internal network, are forced to conduct the session through a proxy. It is done by creating and running a process which mirrors the service as if it were running on the end host. Thus, all information to be transferred for an activity is centralized at the firewall for scanning.
c. STATEFUL INSPECTION
It is a new method that doesn't examine the contents of each packet but compares certain key parts of the packet to a database of trusted information instead. Information traveling from the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed to pass through, otherwise discarded.
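The comparison described above, as an added example that is not part of the original article: a connection table that records the defining characteristics of outbound traffic and admits an inbound packet only if it mirrors a live entry. The class name, the 5-tuple used as the "characteristics" and the idle timeout are assumptions made for illustration.

```python
import time


class StatefulFilter:
    """Tracks outbound flows and admits only inbound packets that answer one of them."""

    def __init__(self, idle_timeout=60.0, clock=time.monotonic):
        self.idle_timeout = idle_timeout   # seconds a flow may stay silent (assumed value)
        self.clock = clock                 # injectable so the timeout can be exercised
        self.flows = {}  # (proto, inside_ip, inside_port, outside_ip, outside_port) -> last seen

    def outbound(self, proto, src, sport, dst, dport):
        """Record the defining characteristics of traffic leaving the network."""
        self.flows[(proto, src, sport, dst, dport)] = self.clock()
        return "accept"

    def inbound(self, proto, src, sport, dst, dport):
        """Accept an incoming packet only if it mirrors a live outbound flow."""
        key = (proto, dst, dport, src, sport)   # reverse direction of the recorded flow
        last_seen = self.flows.get(key)
        if last_seen is None:
            return "drop"                       # unsolicited: nothing inside asked for it
        if self.clock() - last_seen > self.idle_timeout:
            del self.flows[key]                 # stale entry: expire it and refuse the packet
            return "drop"
        self.flows[key] = self.clock()          # refresh the idle timer
        return "accept"
```

Unlike a static port rule, the reply is allowed only while the matching outbound flow exists, so the same source port on a different host or towards a different internal port is refused.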
In practice, many firewalls use a combination of two or more of these techniques to provide better security restrictions.
Windows 7, Vista, and XP have built-in software firewalls in the operating system. Earlier versions of Windows did not have firewalls built in. Macintosh computers running Mac OS X 10.2 and later are also equipped with a built-in firewall.
Third-party firewall packages also exist, such as Zone Alarm, Norton Personal Firewall, Tiny, Black Ice Protection, and McAfee Personal Firewall. Many of these offer free versions or trials of their commercial versions.
Small broadband routers have firewall capabilities built in so that the traffic can be controlled at a centralized place. Firewalls are an important ingredient in providing security to any network and must always be installed.
We, at Aarken Technologies, use the Webguard (see http://www.aarktech.net or http://www.urtechnologies.net for details) as the physical barrier to malware and also ensure that the various applications we deliver are fully protected through the very best and most dependable firewall configurations.