A Firewall is a hardware device or software that allows us to manage and filter all incoming and outgoing traffic between 2 networks or computers in the same network. If the incoming or outgoing traffic complies with a series of Rules that we can specify, then the traffic can access or leave our network or computer without any restrictions. In case of not complying with the rules, incoming or outgoing traffic will be blocked by the Firewall.
Therefore from the definition, we can ensure that with a well-configured Firewall, we can avoid Antivirus in our network and computer as well as certain block types of outgoing traffic from our computer or our network.
WHAT IS A Firewall FOR?
The function of a firewall is to protect individual computers, servers, or networked equipment against unwanted access from intruders that can steal confidential data, lose valuable information, or even deny services on our network.
Thus, it is clear that it is highly recommended that everyone use a Firewall for the following reasons:
Preserve our security and privacy.
To protect our home or business network.
To keep the information stored on our network, servers, or computers safe.
To avoid user intrusions, unwanted users in our network and computer. Unwanted users can both be hackers and users belonging to our same network.
To avoid possible denial of service attacks.
So, therefore, a properly configured Firewall can protect us against attacks such as IP address spoofing, Attacks Source Routing, etc.
HOW A Firewall WORKS
The firewall is usually at the junction between 2 networks. In the case that you can see in the screenshot, it is at the junction of a public network (Internet) and a private network.
Likewise, we also see that each of the subnets within our network can have another Firewall, and each of the computers at the same time can have its software firewall. In this way, in case of attacks, we can limit the consequences since we can prevent the damage of one subnet from spreading to the other.
The first thing we need to know to know how a firewall works is that all the information and traffic that passes through our router and that is transmitted between networks is analyzed by each of the firewalls present in our network.
If the traffic complies with the rules that have been configured in the firewalls, traffic can enter or leave our network.
If the traffic does not comply with the rules that have been configured in the Firewall, then the traffic will be blocked and cannot reach its destination.
TYPES OF RULES THAT CAN BE IMPLEMENTED IN A FIREWALL
The type of rules and functionalities that can be built in a firewall are the following:
- Manage user access to private network services such as server applications.
- Record all attempts to enter and exit a network. Entry and exit attempts are stored in logs.
- Filter packets based on their origin, destination, and port number. This is known as an address filter. Thus, with the address filters, we can block or accept access to our equipment from IP 192.168.1.125 through port 22. Remember, only that port 22 is usually the port of an SSH server.
- Filter certain types of traffic on our network or personal computer. This is also known as protocol filtering. The protocol filter allows accepting or rejecting traffic, depending on the protocol used. Different types of protocols that can be used are http, https, Telnet, TCP, UDP, SSH, FTP, etc.
- Control the number of connections that are occurring from the same point and block them if they exceed a certain limit. In this way, it is possible to avoid some denial of service attacks.
- Control applications that can access the Internet. Thus, we can restrict access to certain applications, such as dropbox, to a certain group of users.
If you are in search of help contact us for IT Support Brisbane for your business.
