|Computer firewall protection|
|Saturday, 19 August 2006|
Because of the nature and sensitivity of the information being transferred, organizations take steps to protect it from interception by outside parties, and several methods have been developed for monitoring and controlling the flow of data from the Internet into internal networks. One popular method is the firewall: a selective gateway standing between the Internet and an internal computer network. Many companies separate their internal networks from outside systems and networks (e.g., the Internet) by positioning a firewall between the two. A firewall is a security enforcement point that separates a trusted network from an untrusted one. It filters communication to prevent information from leaking out and intruders from getting in, and so serves as a security enclosure around a private local area network (LAN) and its attached peripherals, shielding data and resources from network intruders. All communications (data packets flowing between the networks in either direction) must pass through the firewall; in essence it is a mechanism that monitors and controls the flow of data between two networks. Firewalls typically combine hardware and software to prevent an outside user from gaining unfettered access to internal assets, isolating the resources of a system or network from objects outside it. A firewall may also be configured to limit what internal users can do when communicating with external entities through it.
Firewalls can be designed to prevent specific types of data from entering the internal network and have the advantage of providing a centralized point from which administrators can control the influx of data.
A firewall consists of a combination of hardware and software components that intercept data and thereby restrict access between a protected network and outside networks. The firewall is a specially configured computer that can interrupt the flow of communications between two or more computers. Most firewalls are configured by means of a rule-base or firewall configuration file. Based on one or more security policies, the firewall decides whether or not to pass data to or from the protected network. The number of parameters matched in deciding whether to accept or reject traffic determines the granularity of protection. The matching criteria typically include port numbers, application IDs, source and destination IP addresses, machine names, TCP/IP flags and content filters, among others, depending on the complexity to be tolerated and the degree of protection desired. In general, a firewall is a security mechanism for controlling access between a private, trusted network and an untrusted outside network: it allows inside users to request and receive connections to the outside network, but prevents outside hosts from originating similar connections inward. Firewalls can be implemented in routers, dedicated firewall appliances, and bastion hosts at the connection point of two or more networks. There are several types of firewall, including packet filters, circuit gateways, application gateways and trusted gateways. A personal firewall is a software application running on an individual computer.
Firewalls typically provide from one to three levels of security: packet filtering, circuit-level gateways, and application-level gateways. Common firewall technologies include packet filters, proxy servers, network address translation, port address translation and application protocol filtering. Firewalls have typically relied on some combination of two techniques: packet filtering and proxy services, which is why a firewall is commonly referred to as a packet filter or a gateway. Packet filtering is the action a firewall takes to selectively control the flow of data to and from a network. Packet filters allow or block packets, usually while routing them from one network to another, and work in the lower layers of the protocol stack (the network and transport layers). A packet filter examines every incoming and outgoing packet and, based on pre-defined filtering rules, determines which packets are allowed to pass. Rules can be based on one or more factors, including packet type, source and destination IP address, and port number. Because a packet filter sees only headers, it cannot judge what an application is actually asking for. A proxy-based firewall is typically implemented on a proxy server positioned at the boundary of the company's network. A proxy is a program, running on an intermediate system, that deals with servers on behalf of clients. Proxies are often employed on a firewall to accept connections from internal users and establish connections with external entities; the proxy relays approved client requests to the target servers and relays the answers back to the clients. A firewall may incorporate one or more proxies or proxy modules to handle particular functions or particular types of traffic. An application proxy operates at the upper layers of the protocol stack (the application and presentation layers) and provides proxy services on external networks for protected internal clients.
Proxy servers generally tend to be more secure than packet filters because they understand the application protocol they relay and can reject requests that a header-only check would pass. One standard configuration (a screened-subnet design) uses two packet-filtering routers and an application gateway between them: one router filters outgoing packets while the other filters incoming packets, each according to its own filtering rules.
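To make the two levels concrete, here is an added example (not code from the original article) that puts a first-match packet-filter rule-base, of the kind described above, beside an application-level HTTP proxy check. The addresses, the 10.0.0.0/8 "inside" network, the blocked host name and the sample packets and request are all constructed for illustration. The packet filter sees only addresses, ports and TCP flags; the proxy parses the request line and headers and can refuse a method or a destination host that the packet filter would happily have let through on port 80.

```python
"""Packet-filter rule-base beside an application-level proxy check.
Added example with constructed rules, addresses and traffic."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

INSIDE = "10.0.0.0/8"      # assumed trusted LAN
BLOCKED_HOSTS = {"malware.example"}        # constructed content-filter list
ALLOWED_METHODS = {"GET", "HEAD", "POST"}  # proxy refuses anything else


@dataclass
class Packet:
    src: str
    dst: str
    proto: str                      # "tcp" or "udp"
    sport: int
    dport: int
    flags: frozenset = field(default_factory=frozenset)   # e.g. {"SYN"}, {"SYN", "ACK"}


@dataclass
class Rule:
    action: str                     # "allow" or "deny"
    proto: Optional[str] = None     # None matches any protocol
    src: Optional[str] = None       # CIDR, None matches any
    dst: Optional[str] = None
    dport: Optional[int] = None
    syn_only: Optional[bool] = None  # True: match only a bare SYN (connection opening)

    def matches(self, p: Packet) -> bool:
        if self.proto and self.proto != p.proto:
            return False
        if self.src and ip_address(p.src) not in ip_network(self.src):
            return False
        if self.dst and ip_address(p.dst) not in ip_network(self.dst):
            return False
        if self.dport is not None and self.dport != p.dport:
            return False
        if self.syn_only is not None:
            opening = "SYN" in p.flags and "ACK" not in p.flags
            if opening != self.syn_only:
                return False
        return True


# Rule-base evaluated top to bottom; first match wins; default is deny.
RULES = [
    Rule("allow", "tcp", src=INSIDE, dport=443),   # inside may open HTTPS outward
    Rule("allow", "tcp", src=INSIDE, dport=80),    # inside may open HTTP outward
    # Replies to those connections carry ACK, so they are not a bare SYN.
    # This is the classic stateless "established" rule: it cannot tell a real
    # reply from an unsolicited ACK, which is why stateful filters track flows.
    Rule("allow", "tcp", dst=INSIDE, syn_only=False),
    Rule("deny", "tcp", dst=INSIDE, syn_only=True),  # outsiders may not open inward
]


def filter_packet(p: Packet, rules=RULES) -> str:
    """Return "allow" or "deny" for one packet under first-match semantics."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


def proxy_check(request: bytes) -> Tuple[str, str]:
    """Application-level check on a raw HTTP request received from an inside
    client. Returns (verdict, reason); only understood requests are relayed."""
    try:
        head, _, _ = request.partition(b"\r\n\r\n")
        lines = head.decode("ascii").split("\r\n")
        method, target, version = lines[0].split(" ")
    except (UnicodeDecodeError, ValueError):
        return "deny", "malformed request line"
    if version not in ("HTTP/1.0", "HTTP/1.1"):
        return "deny", "unsupported version"
    if method not in ALLOWED_METHODS:
        return "deny", "method %s not permitted" % method
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    host = headers.get("host", "").split(":")[0].lower()
    if not host:
        return "deny", "missing Host header"
    if host in BLOCKED_HOSTS:
        return "deny", "host %s blocked by content filter" % host
    return "allow", "relay %s %s to %s" % (method, target, host)


if __name__ == "__main__":
    out = Packet("10.0.0.5", "198.51.100.7", "tcp", 51000, 80, frozenset({"SYN"}))
    reply = Packet("198.51.100.7", "10.0.0.5", "tcp", 80, 51000, frozenset({"SYN", "ACK"}))
    probe = Packet("203.0.113.9", "10.0.0.5", "tcp", 4444, 22, frozenset({"SYN"}))
    for p in (out, reply, probe):
        print(filter_packet(p), p)
    print(proxy_check(b"CONNECT malware.example:443 HTTP/1.1\r\nHost: malware.example:443\r\n\r\n"))
```

Note the asymmetry the text describes: the inside client's SYN on port 80 passes, the server's SYN/ACK comes back, and the outside host's SYN to port 22 is refused. The proxy then rejects a CONNECT to a blocked host even though, at the packet level, that traffic looked like any other outbound web connection.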
A firewall system includes a number of services that together carry out the task of authorizing traffic. More particularly, a firewall device includes a switching (routing) component, a packet filtering component, and a firewall services component. Hardware firewalls are also referred to as router/gateways: they translate local network addresses to those used on the Internet for outgoing communications and do the opposite translation for incoming packets. In such a device each packet is transferred over the system bus, through the memory controller and into RAM before the packet filtering component checks it against its rule set. Generally, a firewall is installed at the choke point between a network to be protected and an untrusted network, such as a router port or a TCP/IP network interface. In business networks, a firewall is usually installed between segments holding more sensitive information and those holding less sensitive information.
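The address translation that a router/gateway performs, as an added example that is not part of the original article: a minimal port address translation (PAT) table. The gateway's public address 203.0.113.1, the inside hosts and the remote server are constructed values. Outbound flows are rewritten to the public address with a freshly allocated port; a packet arriving from outside is reverse-translated only if an inside host opened a matching flow first, which is the implicit protection that NAT gives against unsolicited inbound connections.

```python
"""Port address translation table of a router/gateway firewall.
Added example with constructed addresses; not the article's own code."""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

PUBLIC_IP = "203.0.113.1"   # assumed outside address of the gateway
FIRST_NAT_PORT = 40000      # assumed start of the translated port range


@dataclass(frozen=True)
class Flow:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class PatGateway:
    def __init__(self) -> None:
        # (proto, inside ip, inside port, remote ip, remote port) -> public port
        self._outbound: Dict[Tuple[str, str, int, str, int], int] = {}
        # (proto, public port, remote ip, remote port) -> (inside ip, inside port)
        self._inbound: Dict[Tuple[str, int, str, int], Tuple[str, int]] = {}
        self._next_port = FIRST_NAT_PORT

    def outbound(self, f: Flow) -> Flow:
        """Rewrite an inside->outside packet to the public address, reusing the
        mapping if this flow was seen before, else allocating a new port."""
        key = (f.proto, f.src, f.sport, f.dst, f.dport)
        port = self._outbound.get(key)
        if port is None:
            port = self._next_port
            self._next_port += 1
            self._outbound[key] = port
            self._inbound[(f.proto, port, f.dst, f.dport)] = (f.src, f.sport)
        return Flow(f.proto, PUBLIC_IP, port, f.dst, f.dport)

    def inbound(self, f: Flow) -> Optional[Flow]:
        """Reverse-translate an outside->inside packet. Returns None (drop)
        when no inside host opened a matching flow, or when the packet is not
        even addressed to the gateway's public address."""
        if f.dst != PUBLIC_IP:
            return None
        entry = self._inbound.get((f.proto, f.dport, f.src, f.sport))
        if entry is None:
            return None
        inside_ip, inside_port = entry
        return Flow(f.proto, f.src, f.sport, inside_ip, inside_port)


if __name__ == "__main__":
    gw = PatGateway()
    # two inside hosts happen to use the same source port to the same server
    a = gw.outbound(Flow("tcp", "10.0.0.5", 51000, "198.51.100.7", 80))
    b = gw.outbound(Flow("tcp", "10.0.0.6", 51000, "198.51.100.7", 80))
    print("translated:", a, b)
    print("reply:", gw.inbound(Flow("tcp", "198.51.100.7", 80, PUBLIC_IP, a.sport)))
    print("unsolicited:", gw.inbound(Flow("tcp", "203.0.113.9", 4444, PUBLIC_IP, 22)))
```

The mapping key includes the remote address and port, so a reply from a different server on the same public port is dropped as well; real gateways differ in how strict that match is, and the strictness determines what unsolicited traffic can reach an inside host.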