Firewall

Definition

What is a Firewall?

A Firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It establishes a barrier between a trusted internal network and another network, such as the internet, which is assumed to be untrusted and unsecured.

There are several types of firewall technologies, including hardware firewalls and software firewalls. Hardware firewalls are physical devices installed between the network and the internet connection, typically positioned at the perimeter to protect the network from external threats. Software firewalls, on the other hand, are installed on individual computers and protect them from incoming and outgoing network traffic.

Firewalls use rules to determine which traffic is allowed to pass to the network or individual computer. These rules can be based on various criteria, such as source and destination addresses, port numbers, and protocol types. For example, a rule might allow all traffic from a trusted IP address range to pass through the firewall but block all traffic from an untrusted IP address range.

Firewalls can also use various methods to inspect and filter traffic. One common method is packet filtering, which examines the header of each packet and allows or denies it based on the rules defined in the firewall. Another method is application-level filtering, which examines the content of the traffic and allows or denies it based on the specific application or service in use.

Next-Generation Firewalls (NGFW) can also provide additional security features, such as VPN support, intrusion prevention (IDPS), and protection against malware (antivirus). VPN support allows users to securely connect to the network over the internet, while intrusion prevention helps identify and prevent malicious activity on the network. Antivirus protection helps detect and prevent the transmission of malware over the network.

Regularly updating and maintaining the firewall is essential to ensure its effectiveness in protecting the network. This includes applying security patches, updating the firewall’s rules and policies, and monitoring firewall logs to identify potential security threats.

YouTube player

You may also find interesting

pfSense

Intrusion Detection and Prevention Systems

You may also find interesting

pfSense

Intrusion Detection and Prevention Systems

Glossary

Sandbox

A Sandbox is an isolated environment where code or software...

Read More

Hashing

Hashing is a cryptographic process that transforms an input ("message")...

Read More

Antivirus

The traditional Antivirus software is designed to detect, block, and...

Read More

MITRE

MITRE is a not-for-profit organization that operates federally funded research...

Read More

MITRE ATT&CK

MITRE is a not-for-profit organization that operates federally funded research...

Read More