An Introduction to Network Firewalls

Everyone needs a firewall. Whether you run a web site, have a dial-up connection or control a corporate backbone, you have to install one. A firewall lets you control what internal information from your network or computer is allowed to go out, and what information is allowed to come in. Even a simple firewall installation can help you preserve your data and report all attempts at unauthorized access.

A firewall is a device or system that separates two networks and provides access control between them. Firewalls operate according to access control policies, or "rules". It is important to understand what kind of access we want to allow or deny into our network; otherwise a firewall will not really help. The security specialists who manage the connectivity and administration of firewalls usually carry a heavy responsibility.

Today we will review the concept of firewalls, gateways and routers.

Types of Firewalls

Firewalls vary in their security protection and defense approach. Generally, they run on dedicated hosts or hardware devices that are directly connected to different network segments. A connection to the firewall is established each time a client wants to send data to a server on the separated network.

The main technical distinction between firewalls is the mechanism they use to pass traffic from one segment to another. Lower-level firewalls operate on the first layers of the OSI (Open Systems Interconnection) model, which usually makes them faster, while higher-level firewalls usually analyze more information about the connection, such as a client connection to a specific site.

There are two types of firewalls. Network-layer firewalls are commonly the traditional, simple routers. They make their decisions based on the source and destination addresses and ports of individual connections. These firewalls are not able to make decisions about what the connection contains and where it came from. Modern network-layer firewalls now maintain internal information about the state of the connection and where it is coming from.
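The difference between the two kinds of network-layer filtering can be seen in a small model. The following is an added example, not part of the original article; the rule format, addresses and names such as StatefulFilter are assumptions made for illustration. It judges the same packets once on addresses and ports alone, and once with a table of connections that the rules have already allowed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "deny"
    src_net: str     # source network in CIDR form
    dst_net: str     # destination network in CIDR form
    dports: tuple    # destination ports the rule covers

    def matches(self, p):
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst_net)
                and p.dport in self.dports)

# Constructed policy: hosts on 10.0.0.0/24 may open web connections to anywhere.
RULES = [Rule("allow", "10.0.0.0/24", "0.0.0.0/0", (80, 443))]

def stateless_verdict(p, rules=RULES):
    """Judge one packet on addresses and ports alone; unmatched means deny."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"

class StatefulFilter:
    """Same rules plus a table of flows the rules have already allowed.
    Simplified: real firewalls also track protocol state and expire entries."""
    def __init__(self, rules=RULES):
        self.rules = rules
        self.flows = set()

    def verdict(self, p):
        # The exact reverse of a tracked flow is a reply to an allowed connection.
        if (p.dst, p.dport, p.src, p.sport) in self.flows:
            return "allow"
        action = stateless_verdict(p, self.rules)
        if action == "allow":
            self.flows.add((p.src, p.sport, p.dst, p.dport))
        return action

# Constructed packets (203.0.113.10 is a documentation address).
OUTBOUND = Packet("10.0.0.5", 51000, "203.0.113.10", 443)
REPLY = Packet("203.0.113.10", 443, "10.0.0.5", 51000)
UNSOLICITED = Packet("203.0.113.10", 443, "10.0.0.5", 51001)
```

With only the stateless rules, the server's reply is dropped unless a broad inbound rule for high ports is added; the stateful filter admits that one reply and still denies the unsolicited packet.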

Application-level firewalls do not permit direct traffic between networks. They perform logging and auditing functions on each connection that passes through them. Proxy servers are commonly used to perform logging and access control for applications between different networks. Application-level firewalls are also commonly used as network address translators. Applications use application-level firewalls to mask the origin of their connection and transparently communicate with the separate network segment.


