Firewalls come in software and hardware format. They are essential to layered security. Continuing the NCSAM initiative, this is a brief overview of the two types of firewalls, explaining what they are, and where they fit into a layered security plan.
What exactly are firewalls? (IMG:J.Anderson)
A firewall is like a bouncer at a club, where the club is your computer. The firewall will monitor traffic moving in and out of a computer. The traffic, called packets, moves constantly as applications access the Internet. You will trigger traffic simply by opening your Web browser. Now that the basics are out of the way, let’s look at our bouncer.
As the firewall watches traffic, there is often a list of known ports (if you are sticking to the club example, the ports are simply doors leading into the club) that sometimes contain malicious activity. What makes it malicious? Some types of Malware will open a port and attempt to download things; the firewall will notice this and stop the action.
Like a good bouncer, firewalls should always have a list. This list will allow only some types of traffic, for example Internet Explorer or iTunes, and then block all others. This list should be strictly controlled, and like a real bouncer at a club, the list should change often. This is where you get the classic firewall rule; block all, and allow some.
On software based firewalls, the allowed list is controlled by both the user and the vendor. The vendor will update a small database with known malicious signatures that the firewall will detect as malicious.
Often, the user part of this process comes from the “allow” or “deny” questions that the software will ask. It is important to pay close attention to these alerts, and if in doubt, most firewalls will have a help option that will explain what the process likely is, and if there is any potential risk.
In IT, that is the business world, the firewall can come in an appliance that resides in the network room or in a datacenter. This firewall is the same as the software one, only it allows far more granular control. The methodology of block all and allow some, as well as the vendor updated list in some appliances, still applies.
That is the basic overview of a firewall. The basics are a good place to start, but it is important to test various solutions before using them at home or in the office. Some offer more than simple network protection, as they will couple email protection with other levels of security to round out the total product offering.
Business and home users should take advantage of trials and demos offered by various vendors, and spend their money on something they are comfortable with.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story