A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt or proxy all (in and out) computer traffic between different security domains based upon a set of rules and other criteria. It can also be defined as software or hardware used to isolate and protect a private system or a network from the public network.
In other words, an internet firewall is a system or group of systems that enforces a security policy between an organization’s network and the internet. The firewall determines which inside services may be accessed from the outside, which outsiders are permitted access to the permitted inside services, and which outside services may be accessed by insiders.
For a firewall to be effective, all traffic to and from the internet must pass through the firewall, where it can be inspected. A firewall can also log activity to provide an audit trail in case the network is penetrated. A firewall system is usually located at a high-level gateway, such as a site’s connection to the internet. However, firewall systems.
A firewall can greatly improve network security and reduce risks to hosts on the subnet by filtering inherently insecure services. As a result, the subnet network environment is exposed to fewer risks, since only selected protocols will be able to pass through the firewall. A firewall could prohibit certain vulnerable services such as Network File System (NFS) from entering or leaving a protected subnet. This provides the benefit of preventing the
What exactly does a firewall do? As network traffic passes through the firewall, the firewall decides which traffic to forward and which traffic not to forward, based on rules that you have defined. All firewalls screen traffic that comes into your network, but a good firewall should also screen outgoing traffic. Normally a firewall is installed where your internal network connects to the Internet. Although larger organizations may also place firewalls between different parts of their own network that require different levels of security, most firewalls screen traffic passing between an internal network and the Internet. This internal network may be a single computer or it may contain thousands of computers.
The following list includes the most common features of firewalls:
Block incoming network traffic based on source or destination: Blocking unwanted incoming traffic is the most common feature of a firewall.
Block outgoing network traffic based on source or destination: Many firewalls can also screen network traffic from your internal network to the Internet. For example, you may want to prevent employees from accessing inappropriate Web sites.
Block network traffic based on content: More advanced firewalls can screen network traffic for unacceptable content. For example, a firewall that is integrated with a virus scanner can prevent files that contain viruses from entering your network. Other firewalls integrate with e-mail services to screen out unacceptable e-mail.
Make internal resources available: Although the primary purpose of a firewall is to prevent unwanted network traffic from passing through it, you can also configure many firewalls to allow selective access to internal resources, such as a public Web server, while still preventing other access from the Internet to your internal network.
Allow connections to internal network: A common method for employees to connect to a network is using virtual private networks (VPNs). VPNs allow secure connections from the Internet to a corporate network. For example, telecommuters and traveling salespeople can use a VPN to connect to the corporate network. VPNs are also used to connect branch offices to each other. Some firewalls include VPN functionality and make it easy to establish such connections.
Report on network traffic and firewall activities: When screening network traffic to and from the Internet, it’s also important to know what your firewall is doing, who tried to break into your network, and who tried to access inappropriate material on the Internet. Most firewalls include a reporting mechanism of some kind or another.
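An added example, not part of the original text: the rule-based forwarding decision described above, together with several of the listed features (inbound and outbound blocking, a published internal web server, and decision logging), expressed in Python. The rule set, the addresses (documentation and private ranges) and the names Rule, RULES and decide are constructed for illustration; first-match-wins ordering and a default deny are assumptions, since the text does not name an evaluation strategy.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    direction: str        # "in" (Internet -> internal) or "out" (internal -> Internet)
    src: str              # source network, CIDR notation
    dst: str              # destination network, CIDR notation
    port: Optional[int]   # destination port; None matches any port

# Constructed sample policy; order matters because the first match wins.
RULES = [
    Rule("allow", "in", "0.0.0.0/0", "192.0.2.10/32", 443),     # published web server
    Rule("deny", "out", "10.0.0.0/8", "203.0.113.0/24", None),  # blocked outside site
    Rule("deny", "out", "10.0.0.0/8", "0.0.0.0/0", 2049),       # NFS must not leave
    Rule("allow", "out", "10.0.0.0/8", "0.0.0.0/0", 443),       # general HTTPS out
]

def _match(rule, direction, src, dst, port):
    return (rule.direction == direction
            and ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and rule.port in (None, port))

def decide(direction, src, dst, port, rules=RULES, log=None):
    """Return "allow" or "deny": first matching rule wins, otherwise deny."""
    verdict, index = "deny", None          # no rule matched: default deny
    for i, rule in enumerate(rules):
        if _match(rule, direction, src, dst, port):
            verdict, index = rule.action, i
            break
    if log is not None:                    # audit trail entry for every decision
        log.append((direction, src, dst, port, verdict, index))
    return verdict

if __name__ == "__main__":
    audit = []
    # Constructed sample traffic: (direction, source, destination, port)
    for pkt in [("in", "198.51.100.7", "192.0.2.10", 443),
                ("in", "198.51.100.7", "192.0.2.10", 22),
                ("out", "10.1.2.3", "203.0.113.5", 443),
                ("out", "10.1.2.3", "198.51.100.20", 443)]:
        print(pkt, "->", decide(*pkt, log=audit))
    print(audit)
```

Moving the general HTTPS rule above the two deny rules would let the blocked site through, which is why rule order is reviewed together with the rules themselves.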