We can use a firewall to protect our home network and family from offensive web sites and potential hackers.
Essentially, a firewall is a wall to prevent harmful forces away from our business. In fact, that is why it’s described as a firewall. Its role is related to a physical firewall that retains a fire from lying from one area to the next.
How does a firewall work?
A network firewall works by establishing a border between the internet and the network it guards. It is injected inline over a network connection and examines all packets accessing the network. As it examines, a controls engine differentiates among traffic that is kind and traffic that is possibly vulnerable.
A firewall is not capable of making judgments on its own — no computer is. Alternatively, it matches the programmed courses designed by people. Certain laws record whether the firewall should give a packet by the network boundary. If a packet matches a pattern that indicates danger, the corresponding rule will instruct the firewall not to let the packet through. Certain laws have to be regularly renewed because of the guidelines for what models show a dangerous packet change regularly.
Firewall may be classified into three different ways:-
- By their processing type
- By their evolutionary generation
- By the way they are implemented
- A packet-filtering firewall examines packets in isolation and does not know the packet’s context.
- A stateful inspection firewall examines network traffic to determine whether one packet is related to another packet.
- A proxy firewall (aka application-level gateway) inspects packets at the application layer of the Open Systems Interconnection (OSI) reference model.
- An NGFW uses a multilayered approach to integrate enterprise firewall capabilities with an intrusion prevention system (IPS) and application control.
- A personal firewall is software used to protect a single internet-connected computer from attacks, as opposed to a multitude of devices.
Packet filtering firewall come in three types:
- Traffic on a network is broken into packets,smaller message units.Each packet must hold at least two address.that of the sender and that of the recipient.A packet-filtering firewall will hold a database of rules that tells it what to do with packets.often the rules are based on the address mentioned above and the protocol the packet is being sent under.The rules may include all three ideas,
- The first rule says if the packet is from any address on the 172.16.0.0 network(172.16.x.x) and being sent to any address on the 10.10.0.0 network, using any protocol, drop the packet. The X character is used as WILDCARD on some firewall, as the text mention later. Other firewalls might use zeros instead, so we need to know the syntax for the fire we are configuring.
- The second rule says if the packet is from any address on the 192.168.0.0 network(192.168.x.x) and being sent to the specified address 10.10.10.25 (10.10.1.25), using the HTTP protocol, let that packet through. This tells me that 10.10.10.25 is the address of a web server on that network because HTTP is a web page.
- The third rule says if the source address is especially 192.168.0.1 and the destination address is specially 10.10.10.10, and the protocol is FTP, then let the packet through
- Static-a system administrator sets the rules for the firewall
- Dynamic-The firewall sets some rules for itself,such as dropping packets from an address that is sending many bad packets
- Stateful-Packets sent by an attacker often are sent to a port that the attacker has guessed is open; a stateful firewall denies packet sent to any por unless a connection to that port has already been negotiated; this kind of checking puts more processing overhead on the firewall.
2. Application gateway firewall:
The ISO-Open system interconnects the networking model has seven layers that describe what appears to a packet as it made to be transmitted out on the network, and what occurs when that packet is accepted by the machine that is expected to work on it.