A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It does this by filtering out the data sent by attackers.
There are two main types of firewalls.
Hardware Firewalls
Software Firewalls
A hardware firewall is generally considered to be more secure than a software firewall. This is because a software firewall is integrated into the vulnerable operating system of the target machine. Whereas a hardware firewall uses an obscure proprietary operating system programmed by the manufacturer.
Since the software firewall is more common this post will cover the following details of firewall software.
Functions
Configuration
Types
Functions of Firewall Software:
The function of firewall software within a network is similar to that of a building with fire doors. Just as a firewall of a building is meant to prevent the fire from spreading to adjacent building structures, firewall software prevents intruders and malware from infecting your computer or network.
Firewall software permits the flow of relevant data and blocks all irrelevant and suspicious data from entering. Relevant files such as legitimate communications, video files, music files, or photo files which are retrieved while browsing or surfing on Internet, are allowed to enter into your computer or network.
Irrelevant or bad data such as hacker scripts or programs that are placed on the Internet to corrupt important files, steal personal information, or hijack your system are blocked. Hackers generally attempt to invade computer files through your computer's ports.
A Firewall forms a protective layer and takes the responsibility of monitoring your computer ports. It also regulates the flow of incoming and outgoing data. It acts as a barrier to hackers.
Many people have the misconception that antivirus software is completely protecting their computers from hackers. However, antivirus software can fail to protect your computer against severe hacker attacks.
Regardless of the type of Internet connection (dial-up, DSL, or broadband connection), your computer is at great risk while it is hooked up to the Internet.
Many software firewalls come with a user interface that is easy to understand and preset security levels. In addition, hardware firewalls are incredibly secure and not very expensive. Home versions that include a router, firewall and ethernet hub for broadband connections can be found for well under $100.
Proper Configuration of Firewall:
Firewall software can be worthless if it is not properly configured. Standard security procedure usually follows a default DENY rule. Which means that only selected network connections are allowed. Unfortunately, use of such a configuration requires a thorough knowledge of your network's application and its end points, and the day-to-day activities of your organization.
Deficient of such knowledge, many businesses therefore use a default ALLOW rule. This rule blocks only specified traffic and allows the flow of non-specified traffic. Such a configuration can cause unwanted network connections and the system is also more susceptible to being compromised.
Your best bet is to read the documentation and instructions and configure your firewall according to the needs of your organization or network. Additionally, you should periodically review the logs to see who has been trying to connect to your network and adjust your firewall's setting accordingly to mitigate new threats.
Once you have a firewall in place, you should test it. A great way to do this is to go to http://www.grc.com and try their free Shields Up! Security test. You will get immediate feedback on just how secure your system is.
The author is a computer security professional with experience protecting small business and home networks. He also teaches the basics of computer network security at 365 Computer Security Training where he blogs regularly and creates video training and educational materials related to information security. Learn more at http://www.365ComputerSecurityTraining.com
