When discussing web security and privacy, an important aspect to consider would be the systems in place to protect users from security breaches. One of the key components to safety today would be firewalls.
Firewalls are used to protected a trusted network from an untrusted one, regulating the transmission of information between the two.
Despite the fact that there are many anti-virus softwares, thee are limitations. A safer way to ensure protection would be to include a firewall in the setting up of the network. This could be in the form of your own personal network at home, or an organization network like local area network, like Local Area Networks (LAN).
Firewalls are thus important to help prevent the intrusion of unwanted or malicious software into your system. At the same time, it prevents the transmission of confidential information.
Types of Firewall
Firewalls can be a hardware, or software. Both of them work on filters based on IP Addresses, Domain Names and Ports.
Hardwares are devices like routers. Using packet filtering, the firewall will screen all data (that are transmitted in packets) with preset rules determined by the administrator. During which, it will decide if it will drop or forward the packet to the user.
Softwares are common network protection tools. These softwares usually have defined controls to allow for safe file sharing and block unsafe applications from running.
Firewall application methods
There are different operation mechanisms for firewalls – packet filtering, proxy servers and stageful inspection.
Packet Filtering is one of the earlier forms of firewall, which has explicit rules on what to do with the packets of information that passes through it, based on a list of acceptable or blocked sources and destinations, also known as an Access Control List (ACL).
Network protocols like TCP, IP and UDP carry control information which can be used to restrict access to host within the organisational network. For example, the IP packet header contains network addresses of both sender and recipient of the information packet. Rules could therefore be set to block access to particular ports from IP addresses.
However, packet filtering offers an issue, as hackers could craft packets and disguise them under well-known or established port numbers, that could fit under the ACL rules.
Proxy Service is available when devices act like the proxy, becoming the intermediary between the user and the source. Requests for information are therefore sent to the proxy firewall, which then establishes a connection with the source content, which is then transmitted to the user. The proxy acts as a buffer between the two, which also causes it to be slower than packet filtering. Proxies prevents the remote computer hosting the web page from coming into direct contact with the private networks.
Stateful inspection does not analyse the contents in each packet. It compares key aspects of each packet to a list of trusted sources. If the content and the sources yield a reasonable match, it is transmitted to the user or host.
Developments in Firewall
The current developments mostly look at next-generation firewalls(NGFW), which is able to detect and block viruses with security at application, port and protocol level. These applications will feature intrusion prevention system and application control. Using Packet Filtering, Network Address Translation, URL Blocking and VPN. Other than the intrusion prevention ability, the firewall also has increased application awareness, controlling the content flow even in web-based applications.
The ability to have application, port and protocol level control is significant for NGFW, due to the prevalence of web based applications as well as mobile phone
Of course, other than the usual protection and regulation, firewall has also been used for other purposes, most notably, the Great Firewall of China.
Beal, V. (2010, June 24). The Differences and Features of Hardware and Software Firewalls. Retrieved February 27, 2015, from http://www.webopedia.com/DidYouKnow/Hardware_Software/firewall_types.asp
Blair, R., & Durai, A. (2009, May 21). Chapter 1: Types of Firewalls. Retrieved February 27, 2015, from http://www.networkworld.com/article/2255950/lan-wan/chapter-1–types-of-firewalls.html
Tyson, J. (n.d.). How Firewalls Work: Lots More Information – HowStuffWorks. Retrieved February 26, 2015, from http://computer.howstuffworks.com/firewall5.htm
Rouse, M. (n.d.). What is next-generation firewall (NGFW)? – Definition from WhatIs.com. Retrieved February 26, 2015, from http://searchsecurity.techtarget.com/definition/next-generation-firewall-NGFW