Stephen is a Cisco qualified network administrator for a leading University and is currently studying towards an MSc in Telelecommunications.  | With broadband internet becoming much more popular and accessible to the masses, many users are becoming increasingly concerned about any security issues that an 'always on' connection my present. As such many are looking for ways to secure their system and files from the outside world...... |
One answer to such a problem is the use of a firewall. Unlike its name suggests, a firewall does not surround your computer with flames that threaten to touch anybody getting close, however in principle this idea is not too far from the truth! In this article I will be looking at what a firewall is and what you can expect to get from using one.
So what is a firewall?
A firewall is a term used to describe a device or application that will control and restrict data transfers between a computer system and internet connection. The purpose of having a firewall in place is to not only prevent unauthorised or maliscious data entering your system via your internet connnection, but to also prevent sensitive information from leaving you system
There are basically two types of firewalls, these are hardware firewalls and software firewalls. A hardware firewall is a physical device that is installed between the modem and computer or, in the case of network of computers, it may be linked/incorporated into a broadband router being used to share the internet connection can also act as a firewall device. A software firewall however is a software application that is installed onto the computer system that you wish to protect and this is usually the computer with the modem attached to it.
The difference is demonstrated in the diagram below, as you can see a hardware firewall normally acts as a barrier between a network of computers and an internet connection (although it can be used with a standalone computer) whereas a software firewall is generally installed on a computer system connection to the internet.
They will either operate using a) packet filtering or b) application/proxy filtering.
Packet Filtering
This requires method requires analysing every packet of data that attempts cross over the firewall. Each packet is individualy analsyed for details including its protocol type, source/destination ports and direction with the results being compared to an access control list amongst others. The access control list contains a set of rules that are generated when the firewall is configured, by only allowing packets to cross the firewall if theymeet the criteria set in the rules it is possible to control and filter the data flow between the computer(s) and the internet.This is advantageous as a third party hacking program may attempt to enter the computer system however the access control list may be configured to only allow data from specific programs to cross the firewall and therefore the attempts of the hacking application will be stoppped. This process also works in reverse as a trojan may be lurking behind the firewall on the computer and is attempting to send information out onto the internet, again if the access control list is correctly configured then the firewall will prevent the packets to cross.
Although being very thorough in its ability to monitor traffic flow this type of firewall does have its disadvantages. These are that the are can be performance issues as the data flow slows down as the firewall monitors and compared the data packets. Also it is possible for an experienced hacker to simply mask the packet type or port number to make the data appear to the firewall as though it matches the rules in the access control list.
As the example shows by analysing the data crossing the firewall and comparing the results to an access control list it is possible to allow applications such as email clients, web browsers and ftp clients to operate but unrecognised applications, in this example hacking tools, will be stopped.
We saw on the previous pages how packet filtering works, however in the case of application/proxy filtering the processes are quite different. Using this method the firewall acts as a large storage device, or proxy (see proxy section). All of the computers on the protected side of the firewall make their internet requests to the proxy sever which in turn, through the firewall, retrieves the information. This method has the added advantage that none of the actual computer systems are connected directly to the internet, instead only the proxy server maintains a connection to the internet and therefore is capable of blocking/filter any unrequired data.
What Firewalls will not protect you from!
However much you may think they can do, firewalls can only do so much in protecting your computer system or network. Things the your firewall can't prevent are:
In the past there have been many “back doors” to your system which been known public. This only applies to bugs within software firewalls.
Machines will do exactly what we tell them to do, as do firewalls. If a firewall is not configured to protect, it will not do so.
Once a virus has embedded itself onto your system, a firewall cannot and will not help you. However some firewalls do come with anti-virus software also.
Be sure that you trust the right people with access to your network, there is no stopping a hacker with access.
Hardware Firewalls
Advantages over Software FirewallsDisadvantages over Software Firewalls
Software Firewalls
Advantages over Hardware FirewallsDisadvantages over Hardware Firewalls
Conclusion:
Now this is simple, if you want to significantly enhance the security of your computer system and/or network then the installation of a firewall is highly recommended. The decision of wether to use a hardware or software firewall is totally up to the user and hopefully the pros and cons above can help in the decision making. It is important to note that most hardware routers can also acts as a firewall and as an added bonus are great devices for sharing your Internet connection, so if you are sharing your Internet connection and are not using a hardware router it may be worthwhile to seriously look into it. However the bottom line is that whatever type of firewall is used it will, to varying degrees help prevent anyone from the outside connecting to your computer and causing damage in some way. While this is a priority for businesses most home users around the world surely benefit from the implementation of a firewall as one definitely provides peace of mind.