What a firewall is and what the different available firewalls are.
What is a Firewall?
If you’ve been a PC user for a while, you may have heard the term “firewall” before. This is taken from the construction term which referred to a physical wall that would contain a fire in a building. In the computing world, it now means a specific device or devices that serve to filter out traffic with the goal of protecting and/or hiding your internal network of computers (say, your home computers).
All firewalls are essentially machines that operate on sets of rules, and their basic function is to filter some of the passing traffic based on these rules. Most basic firewalls are made for very specific scenarios, such as that in the home, and require very little configuration.
These rudamentary firewalls (such as the one built into Windows XP) typically block all but known-good traffic (such as that for Windows Updates), and deny all other traffic until the user on the network side of the firewall initiates communication to the outside of the network. Then, that inbound traffic is allowed (until that connection is terminated) to permit a connection. This allows basic protection for the unpatched PC, which can still be subverted, but makes it more difficult for an attacker.
Network Address Translation
A firewall will appear to the internet with a public IP address (obtained from your ISP, most likely), while maintaining a connection on the private network with another IP address. All modern firewalls are capable of this feature.
The original reasoning for this feature was preserve the usage of public IP addresses on the rapidly-diminishing IPv4 addressing scheme, allowing your entire network to be contacted via a single address on the internet. However, because it hides the actual addresses of the computers communicating to the internet, it introduces an additional security benefit to the network. All communications go from the internet, to the firewall, then to the individual PC (or in reverse).
The Different Types of Firewalls
There are several different types of firewalls available. Many feature sets fall squarely into these boundaries, while other devices will tend to blur the lines a bit more. They are as follows:
- Packet Inspection Firewalls
Packets are the fundamental “units” of communication on the internet, the smallest usable parts. This type of firewall is the cheapest, and often fastest-performing unit as the more complex types of firewalling require more built-in processing power and memory. This unit functions by examining the packet being transmitted. If this packet is allowed by the set of rules, it will be allowed onto the network to its destination. If not, it can either be dropped, which is a silent discarding of the packet, or rejected, which returns an error to the sending computer. This firewall operates at the network layer of communications.
- Stateful Firewalls
The main weakness of a packet inspection firewall is that it does not examine the state of that packet. Many packets make up a whole transmission together. Stateful firewalls maintain a record of the connections being passed through it. This type of firewall can then understand if the packet in question is a start of a new connection, from the middle of a connection, or if it is invalid altogether.
This type of firewall also operates with a set of rules. These rules can also be configured based on the state of packets. This firewall operates at the network layer, as well.
- Application-layer Firewalls
This type of firewall operates at the highest layer of network communication, the application-layer. In addition to the capabilities of the other firewall types, this device is able to understand traffic from certain applications and protocols. Thus, it should know for the large part on what type of traffic is expected through those ports, and what it can anticipate from particular protocols.
In addition, application-layer firewalls will watch to see if a protocol is being attempted on a non-standard port, or if abuse of a protocol is being attempted.
From software-based solutions built into your operating system to extensive server room equipment dedicated to the filtering of thousands of computers daily, firewall technology is found all across the internet and serves to keep you safe at home and at work often as the first line of defense against whatever new virus or worm has been written. I hope that this article has helped you in understanding the different features and types of firewalls available today.