
A firewall is a computer security device that monitors incoming and outgoing network traffic and determines whether to allow or block specific traffic based on defined security rules.

A firewall can be software, hardware, or both. A software firewall is a computer program that is installed on each computer and designed to regulate traffic through port numbers and applications, while a hardware firewall is a piece of equipment installed between the user's network and gateway. It's best to have both a software and a physical firewall.

The chief purpose of a firewall is to establish a barrier between the user's internal network and incoming traffic from the Internet, blocking hackers and viruses. Traffic entering or leaving the local network to which you are connected must pass through the firewall, which examines each message and blocks those that fail to meet specified security criteria.

A firewall is the first line of defense. There are several types of firewalls, the most common being host-based and network-based. A host-based firewall is installed on individual servers, monitoring incoming and outgoing signals. Network-based firewalls may be built into the cloud's infrastructure or delivered as a virtual firewall service.

Other types of firewalls include packet-filtering firewalls, stateful inspection firewalls, proxy firewalls, and next-generation firewalls.

A packet-filtering firewall examines packets and blocks those that don't meet established security criteria while allowing those that meet the criteria to pass. There are two kinds of packet-filtering firewalls: stateful and stateless. Stateful firewalls are more secure than the stateless kind because they retain information about previously passed packets, while stateless firewalls examine each packet independently of the others, lacking context.

Packet-filtering firewalls are not able to determine if the contents of a request will have an adverse effect on the application it's reaching. Next-generation and proxy firewalls provide more security than the packet-filtering type.

Next-generation firewalls add functionality to traditional firewall technology, such as encrypted traffic inspection, antivirus protection, and intrusion prevention systems. Unlike packet-filtering firewalls, next-generation firewalls conduct deep packet inspection, examining the data within the packet itself, allowing for more accurate detection of potentially malicious data.

Proxy firewalls filter network traffic at the application level, acting as an intermediary between two end systems. With a proxy firewall in place, the client sends a request to the firewall, where it is evaluated against a set of security rules, then either permitted or blocked.

In practice, many firewall systems use two or more of these techniques.

Firewalls are built into the macOS and Windows operating systems, and there are also third-party firewall packages, which may be offered as standalone software packages or as part of a larger security suite. Some broadband routers have firewall capabilities built in, although these tend to be rudimentary.

Any topics relating primarily to computer network firewalls are appropriate for this category. However, software products in which a firewall is just a module should be listed in the software category most appropriate for their primary product.

 

 
