What is a Firewall?

A firewall is security software, a security device, or a dedicated network appliance. It is used to separate a secure area from a less secure area and to control the communication between the two. It can perform many functions, but it is mainly responsible for controlling inbound and outbound communication, for anything from a single computer to an entire network.

1) Software Firewalls

A software firewall, also referred to as a personal firewall, is designed to run on a single computer. It is used by home users or small-office users who have broadband access. A software firewall prevents unwanted access to the Internet by blocking communication over risky ports; it permits communication only over recognized ports.

For example, port 80 is for access to the Internet, and port 443 is for secure communication. The firewall will allow communication on these ports, but it will block port 421, for example, because no data is expected on it.

A software firewall can also detect suspicious activity from outside, such as port scanning, and block any access to the home computer from the outside address.

However, a software firewall can allow certain programs on the user’s computer to access the Internet with the user’s express permission. The user can also decline Internet access for any program. This is a useful feature, especially for blocking adware, spyware, and malware from accessing the Internet.

The drawback of a software firewall is that it runs on the personal computer’s operating system. If the operating system is compromised, the firewall is compromised as well.

A software firewall relies mainly on the user making the right decision. For example, if the user allows a trojan or a keylogger to access the Internet, the security of that computer is compromised, even though there is nothing wrong with the software firewall itself.

Many companies make software firewall products, such as ZoneAlarm, BlackICE, Kerio, and more.

2) Hardware Firewalls

Hardware firewalls are software components that run on a dedicated server or network appliance that is optimized and designed to run the firewall. The operating system that runs the firewall is basic and simple, but it is difficult to attack. Because no other software runs on the appliance besides the firewall, it is extremely secure and very difficult to compromise.

A hardware firewall is placed between a network and a less secure area, such as the Internet. The firewall separates the secure network from the less secure network. The firewall needs to be configured with rules to block or allow specific ports.

A rule can be simple, such as allowing port 80 traffic through the firewall. It can also be complex, such as allowing only traffic from a specific port and a specific IP address outside the network through the firewall to a specific IP address inside the network.
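
The two kinds of rule described above can be modelled in a few lines. This is an added example, not code from any firewall product: the `Rule` and `decide` names, the first-match ordering, and the addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "block"
    src: str = "0.0.0.0/0"           # outside address or network
    dst: str = "0.0.0.0/0"           # inside address or network
    src_port: Optional[int] = None   # None matches any port
    dst_port: Optional[int] = None

    def matches(self, src_ip, src_port, dst_ip, dst_port):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and self.src_port in (None, src_port)
                and self.dst_port in (None, dst_port))


def decide(rules, src_ip, src_port, dst_ip, dst_port):
    """First matching rule wins (assumed); unmatched traffic is blocked."""
    for rule in rules:
        if rule.matches(src_ip, src_port, dst_ip, dst_port):
            return rule.action
    return "block"


# Constructed rule set for illustration.
RULES = [
    # Simple rule: allow port 80 traffic through the firewall.
    Rule("allow", dst_port=80),
    # Complex rule: one outside IP and source port to one inside IP only.
    Rule("allow", src="203.0.113.7/32", src_port=5000, dst="192.0.2.20/32"),
]

if __name__ == "__main__":
    print(decide(RULES, "198.51.100.1", 40000, "192.0.2.10", 80))   # simple rule
    print(decide(RULES, "203.0.113.7", 5000, "192.0.2.20", 22))     # complex rule
    print(decide(RULES, "203.0.113.7", 5001, "192.0.2.20", 22))     # wrong source port
    print(decide(RULES, "198.51.100.1", 40000, "192.0.2.10", 421))  # no rule for 421
```

Because nothing is allowed unless a rule names it, traffic to a port such as 421 is blocked without needing a rule of its own.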

A firewall is also used for NAT (Network Address Translation). NAT lets a network administrator use one public IP address for all users in the network to access the Internet.

Firewalls can also act as caching servers, VPNs, routers, and more.

Many companies make hardware firewall products, such as Cisco PIX, CheckPoint, Linksys, Contivity, SonicWall, and more.

In conclusion, a firewall (software or hardware) is very important to network management.

