What is a Firewall?
Firewall. It’s a term that comes from the practice of building a wall to act as a barricade to hinder the spread of fire. It serves as a barrier to prevent what is dangerous from harming what needs to be safe. In a digital network, a firewall serves the same purpose. A network firewall is a device that establishes a security membrane that allows only certain units of data through. These units of data, or packets, are routed from one device to another across a network, and it is the firewall’s job to sift through all of the packets and determine which of those packets belong in the network it protects.
Think about your network as a business building. In this building, there is an organization that, to provide its services, must interact with the outside world. At this point, we have two established entities: the building (along with everything in it) and the outside world. If the organization wants to maintain maximum security for its building and make sure nothing dangerous comes inside, the easiest solution would be to simply block everything off. But if it were to block out everything and everyone, nothing could get done and the business would fail. As a solution, the organization decides to hire security personnel whose role will be to allow only employees, clients, and visitors who have appointments through the front door. Increases in the intensity of the security, such as thorough investigation of every little item being brought in, would increase safety but could drastically slow down the business. More lax security would increase workflow, but result in a higher risk of accidentally letting in unwanted guests.
This analogy can be used to describe almost all security functions in a network. That is why, as with any business that interacts with the public to any degree, firewalls are not the only defense. Like the guards at the entrance to the building, they are the first line of defense. Firewalls can come in all shapes and sizes. They can be installed as software or physically added as pieces of hardware, such as a router that serves to create a private network, separating the network behind it from the rest of cyberspace.
Firewalls can also be found in proxy servers. Proxy servers act as mediators between your computer and the internet. You are able to read this article because you accessed an internet-connected proxy server and requested to view this webpage. The internet received that information, analyzed it, and sent back what you wanted to see. But to get to this point, the information had to pass through a proxy firewall. After you sent the request, what you wanted was intermingled with thousands of bits of data. Most of that data was irrelevant to you. When the proxy server received what it thought you wanted to see, it had to pass the information through a firewall, which has been configured by either you or a search engine to allow through only the information that has been authorized as safe data.
To understand how that information is authorized, it is useful to understand the concept of packet filtering. Packet filtering is a process that all firewalls perform. It’s what makes a firewall a firewall when talking about devices communicating across a network or networks. There are two types of packet filtering: static and dynamic. Static packet filtering is relatively simple, as it does not actively analyze network traffic to distinguish what is safe from what is not. Rather, it grants access based on where the packet is from and where it is going. Dynamic packet filtering, also known as stateful inspection, does actively monitor and analyze network traffic. It grants access based on a combination of rules defined by an administrative user and an algorithm that judges information relative to what users in that network have previously sent and received. Because of the active analysis of the information passing through, dynamic packet filtering does slow down network traffic.
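The difference between the two filtering types can be seen in a short Python sketch. This is an added example, not code from the original article; the addresses, the rule table, and the names Packet, static_filter, and StatefulFilter are all assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

INSIDE = ip_network("192.168.1.0/24")      # constructed internal network
ANY = ip_network("0.0.0.0/0")
# Constructed rule table: (source net, destination net, verdict); first match wins.
STATIC_RULES = [
    (ip_network("203.0.113.0/24"), INSIDE, "allow"),  # trusted outside range
    (ANY, INSIDE, "deny"),                            # everything else inbound
    (INSIDE, ANY, "allow"),                           # inside hosts may go out
]

def static_filter(pkt: Packet) -> str:
    """Static filtering: the verdict depends only on source and destination."""
    for src_net, dst_net, verdict in STATIC_RULES:
        if ip_address(pkt.src) in src_net and ip_address(pkt.dst) in dst_net:
            return verdict
    return "deny"

class StatefulFilter:
    """Dynamic filtering: admin rules plus a memory of what inside hosts sent."""
    def __init__(self) -> None:
        self.flows = set()   # simplification: recorded flows never expire

    def check(self, pkt: Packet) -> str:
        if ip_address(pkt.src) in INSIDE:
            verdict = static_filter(pkt)
            if verdict == "allow":
                self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return verdict
        # Inbound: allowed only as the mirror image of a recorded outbound flow.
        mirrored = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if mirrored in self.flows else "deny"

# Constructed sample traffic.
OUTBOUND = Packet("192.168.1.10", 51000, "203.0.113.5", 443)
REPLY = Packet("203.0.113.5", 443, "192.168.1.10", 51000)
UNSOLICITED = Packet("203.0.113.5", 443, "192.168.1.20", 51000)

def compare() -> list:
    """Return (static, stateful) verdicts for each sample packet, in order."""
    fw = StatefulFilter()
    return [(static_filter(p), fw.check(p)) for p in (UNSOLICITED, OUTBOUND, REPLY)]

if __name__ == "__main__":
    print(compare())
```

The static filter admits the unsolicited packet because its source address is on the allowed list, while the stateful filter rejects it because no inside host ever opened that conversation.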
To go a step further, there are now what are known as next-generation firewalls. Next-generation firewalls use a dynamic packet filter, have integrated intrusion protection, are able to block specific applications, incorporate growing knowledge from outside of the firewall, and can adapt to current cyberthreats. Next-generation firewalls are recommended for businesses that rely heavily on the internet and route millions and millions of data bits across the network on a regular basis. For everyone else, a combination of standard commodity firewalls and unified threat management devices will usually suffice. Intrusion prevention and antivirus software are still vitally important, but the everyday household should not require a stand-alone device to counteract evolving cyberattacks.
Firewalls are an incredible technology and an integral part of a secure network. Remember to check that your firewalls are operating as they should. Feel free to research what kind of firewall your place of business is using and decide if it is the best choice or if you need something of higher caliber. Where do you see the optimal ratio between security and speed? The choice is ultimately yours.
If you, your organization or company, or someone you know would like more information on our company or would like help evaluating the security of your network, please do not hesitate to reach out to Mission Multiplier at firstname.lastname@example.org.