Definitions

A firewall

[is] [c]omputer hardware and software that block unauthorized communications between an institution's computer network and external networks.[1]
allows or blocks traffic into and out of a private network or a user's computer, and is the primary method for keeping a computer secure from intruders. Also used to separate a company's public Web server from its internal network and to keep internal network segments secure.[2]
[is a] security solution that segregates one portion of a network from another portion, allowing only authorized network traffic to pass through according to traffic-filtering rules.[3]
[is a] network device[] or system[] running special software that control[s] the flow of network traffic between networks or between a host and a network.[4]
[is a] technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.[5]
[is a] network security device that monitors incoming and outgoing network traffic and helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. A firewall can be hardware, software, or both.[6]

How it works

A firewall is a staple of security in today’s IP networks. Whether protecting a LAN or WAN, encapsulating a DMZ, or just protecting a single computer, a firewall is usually the first line of defense against would-be attackers. At one time, most firewalls were deployed at network perimeters. This provided some measure of protection for internal hosts, but it could not recognize all instances and forms of attack, and attacks sent from one internal host to another often do not pass through network firewalls. Because of these and other factors, network designers now often include firewall functionality at places other than the network perimeter to provide an additional layer of security, as well as to protect mobile devices that are placed directly onto external networks.

There are several types of firewall techniques:

In practice, many firewalls use two or more of these techniques in concert.

"Firewalls have two forms: a firewall may be a software program running on your computer or it may be a separate piece of hardware that watches what is being sent and received over a network. Firewalls can block transmissions that are unexpected or disallowed."[7]

A firewall is set up as the single point through which communications must pass. This enables the firewall to act as a protective barrier between the protected network and any external networks. Any information leaving the internal network can be forced to pass through a firewall as it leaves the network or host. Incoming data can enter only through the firewall. Firewalls work by blocking traffic deemed to be invasive, intrusive, or just plain malicious from flowing through them. If networks are castles, firewalls are the drawbridges.

Traffic not meeting the requirements of the firewall is dropped. Processing of traffic is determined by a set of rules programmed into the firewall by the network administrator. These may include such commands as "Block all FTP traffic (port 21)" or "Allow all HTTP traffic (port 80)". Much more complex rule sets are available in almost all firewalls.
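
The rule processing described above, as an added example that is not part of the original page: a minimal Python model of an ordered rule set in which the first matching rule decides and traffic matching no rule is dropped. The addresses, the finance and accounting subnets, and the names Rule, matches and decide are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "drop"
    proto: str            # "tcp", "udp" or "any"
    src: str              # source network (CIDR)
    dst: str              # destination network (CIDR)
    dport: Optional[int]  # destination port; None matches every port

ANY = "0.0.0.0/0"

# Constructed rule set; all addresses are private or documentation ranges.
RULES = [
    Rule("drop",  "tcp", ANY, ANY, 21),                         # "Block all FTP traffic (port 21)"
    Rule("allow", "tcp", "10.0.30.0/24", "10.0.20.0/24", 443),  # finance staff -> accounting
    Rule("drop",  "any", ANY, "10.0.20.0/24", None),            # nobody else reaches accounting
    Rule("allow", "tcp", ANY, "192.0.2.10/32", 80),             # HTTP to the public web server
    Rule("allow", "tcp", "10.0.0.0/8", ANY, 80),                # internal hosts may browse out
]

def matches(rule, proto, src, dst, dport):
    """Header-only match: the payload is never inspected."""
    return (rule.proto in ("any", proto)
            and ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, dport))

def decide(proto, src, dst, dport, rules=RULES):
    """Return (action, index of the deciding rule); first match wins."""
    for index, rule in enumerate(rules):
        if matches(rule, proto, src, dst, dport):
            return rule.action, index
    return "drop", None  # no rule matched: default deny

if __name__ == "__main__":
    for pkt in [("tcp", "203.0.113.5", "192.0.2.10", 80),
                ("tcp", "203.0.113.5", "192.0.2.10", 22),
                ("tcp", "10.0.5.7", "10.0.20.5", 80)]:
        print(pkt, "->", decide(*pkt))
```

Moving the last rule above the accounting rules would let any internal host reach the accounting segment on port 80, which is why rule order is part of the policy.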

Firewalls are typically deployed where a corporate network connects to the Internet. A useful property of a firewall, in this context, is that it provides a central location for deploying security policies. It is the ultimate bottleneck for network traffic because, when the network is properly designed, no traffic can enter or exit the LAN without passing through the firewall.

Firewalls close unneeded ports through which Internet communications can enter the computer, and block incoming Internet communications — and sometimes outgoing communications — unless the consumer has authorized those communications. However, firewalls usually do not check the contents of the communications coming in or going out, so as to determine whether a file contains a virus, for example. That is generally left to a virus checker.

Firewalls can also be used internally, to guard areas of an organization against unauthorized internal access. For example, many corporate networks use firewalls to restrict access to internal networks that perform sensitive functions, such as accounting or personnel.

A properly configured firewall will stop the majority of publicly available cyberattacks. Firewalls may be client managed or centrally managed.

International usage

In several countries, including China and Iran, firewalls have been established on a national level to prevent Internet users from accessing certain content from abroad.

References

  1. Bringing Health Care Online: The Role of Information Technologies, at 219.
  2. Electronic Crime Scene Investigation: A Guide for First Responders, at 54.
  3. Privacy and Civil Liberties Policy Development Guide and Implementation Templates, App. E, Glossary.
  4. Technology Assessment: Cybersecurity for Critical Infrastructure Protection, at 149.
  5. ARSC Guide to Audio Preservation, Glossary, App. B, at 225.
  6. Cybersecurity A Primer for State Utility Regulators, App. B.
  7. Information Technology Security Handbook, Annex 1, Glossary.
