MODULE 3: UNDERSTANDING OF FIREWALL
Purpose of firewalls
Firewalls protect an organisation’s network and computer systems from malicious network traffic.
Firewalls can also keep malware from reaching a computer system or network over
the web. Firewalls can be set up to filter out data coming from specific IP addresses,
ports, or applications while permitting legitimate data through.
Types of firewalls
The two main types of firewalls are hardware and software firewalls. While both have pros and cons,
the decision to use a firewall at all is considered more important than the choice of firewall
type.
• Hardware: firewalls of this type are usually called network firewalls and are situated
between an organisation’s computer systems and the Internet. Numerous internet
service providers (ISPs) and vendors provide office or home office routers
that incorporate firewall features. Hardware firewalls are especially helpful
for securing numerous computer systems and controlling the network traffic that passes
through them. The advantage of these firewalls is that they give an extra layer of
security against cyber-attacks directed at an organisation’s computer systems.
The drawback of these firewalls is that they are separate devices and they require
experts to help with their setup and support.
• Software: a built-in firewall is pre-included in most of the available operating
systems. It should be used for extra security, regardless of whether there is also an
external firewall. PC stores, software sellers, and ISPs also sell various firewall software.
If you download firewall software from the web, ensure that it is
downloaded from a legitimate and well-known source, such as the website of a
well-known vendor that sells software online. Also make sure that the
website from which the firewall software is being downloaded is a secure website.
Software firewalls have the advantage of being able to control the particular
network traffic of individual applications running on a computer. A major
weakness of a software firewall is that, because it is installed on the same
computer system it is protecting, its ability to filter out malicious traffic could be
degraded. Another possible drawback of software-based firewalls is that if
there is a firewall on every PC on a network, each firewall has
to be configured, updated and managed separately.
Circuit level firewalls
• A circuit-level firewall does not allow end-to-end TCP connections; instead, two separate
connections are established.
• Only the allowed connections are enlisted by the firewall’s security features.
Application level firewalls
• These firewalls or gateways act as relays of application-level traffic.
Packet filtering firewalls
• Source IP address: it is the IP address of the sending host.
• Destination IP address: it is the IP address of the receiving host.
• Transport layer source and destination TCP or UDP ports: these define the applications
that are being used to send and receive the data.
• IP protocol field: this identifies which Transport layer protocol is being used.
• Router interface: this field gives information about the router interface from which the
packet was received and the router interface to which the packet has to be sent.
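
As an added example (not part of the original module), the Python code below shows a packet filter checking each packet against rules built from the fields listed above. The first-match-wins policy, the default deny, the interface names wan0 and lan0, and all addresses are assumptions constructed for illustration; only the receiving interface is modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src_ip: str      # source IP address (sending host)
    dst_ip: str      # destination IP address (receiving host)
    protocol: str    # IP protocol field: "tcp" or "udp"
    src_port: int    # transport layer source port
    dst_port: int    # transport layer destination port
    in_iface: str    # router interface the packet was received on

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src_net: str = "0.0.0.0/0"       # default: any source
    dst_net: str = "0.0.0.0/0"       # default: any destination
    protocol: Optional[str] = None   # None means "any"
    dst_port: Optional[int] = None
    in_iface: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src_ip) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(p.dst_ip) in ipaddress.ip_network(self.dst_net)
                and self.protocol in (None, p.protocol)
                and self.dst_port in (None, p.dst_port)
                and self.in_iface in (None, p.in_iface))

def filter_packet(rules, p: Packet) -> str:
    """Assumed policy: first matching rule wins, anything unmatched is denied."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"

# Constructed rule set for a router with an outside (wan0) and inside (lan0) interface.
RULES = [
    # Internal source address arriving on the outside interface: spoofed, drop it.
    Rule("deny", src_net="192.168.10.0/24", in_iface="wan0"),
    # Outside hosts may reach the internal web server on TCP 443 only.
    Rule("allow", dst_net="192.168.10.5/32", protocol="tcp", dst_port=443, in_iface="wan0"),
    # Internal hosts may send traffic out.
    Rule("allow", src_net="192.168.10.0/24", in_iface="lan0"),
]

if __name__ == "__main__":
    web = Packet("203.0.113.7", "192.168.10.5", "tcp", 51000, 443, "wan0")
    print(filter_packet(RULES, web))
```

The same five header fields decide every verdict here; the filter never looks at the packet payload.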