How a Firewall Provides Network Security
By Stephen Bucaro
A firewall provides security by controlling access between a network and an
untrusted network. A firewall can allow or block traffic from entering or exiting
a network. A firewall can be a hardware device, software, or combination of
hardware and software.
Although a firewall can be used to control traffic between parts of an Intranet
or between parts of networks belonging to different companies, firewalls are
usually used to control traffic between a private network and the Internet.
No responsible network administrator would connect their network to the Internet
without a firewall.
• One benefit of a firewall is that it proves a single point of administration for providing
network traffic security.
• A firewall is good at keeping intruders out of a network, but a user within the network can
purposely download data that contains a virus, so a firewall cannot protect against all viruses.
There are four types of firewalls.
• Stateful Inspection
A Proxy Server is a host that multiple computers on a LAN connect to in order to get
access to an outside network, such as the Internet. The Proxy Server presents only
its own single IP address to the outside network, thus acting as a proxy for the
computers on the LAN. The process of changing the individual IP addresses of computers
on the LAN to one IP address is called Network Address Translation (NAT).
Because a Proxy Server hides individual IP addresses on the LAN, it performs some
function as a firewall, but a proxy server does not block access to the network. A
firewall blocks access and it can provide the proxy function by performing NAT.
Other network devices, like routers, perform fire wall functionality because they
provide packet-filtering capabilities.
The first firewall technology developed was packet-filter. A packet-filter firewall
analyzes network traffic at the Transport layer of the OSI model. Each IP packet is
examined to see if it matches a rule defining what data is allowed to pass through
to the network.
The rules are configured by the network administrator. When you configure filtering,
by default everything is blocked and you must designate what is allowed to pass
through the firewall. The rules are based on information contained in the packet header.
• The source IP address
• The destination IP address
• The type of transport layer (TCP or UDP)
• The Transport layer's source por
• The Transport layers destination port
• The physical network interface though which the packet arrives
• The physical network interface though which the packet leaves