Firewalls: We all know they are vital for Internet security, but what are their basic purposes and flavors? This series serves as a basic beginner’s guide to firewalls of the three major types: hardware, software, and web application (WAFs).
For this three-part series, we will look at information from several different sources. The primary ones will be “Hardware Firewall vs. Software Firewall,” from the Michigan Cyber Initiative; “Best Practices: Use of Web Application Firewalls,” from the Open Web Application Security Project (OWASP); and “What You Should
Know About Firewalls,” by Michael Desmond for PCWorld. This first part will focus on firewalls generally. The second part will target the differences between hardware and software firewalls; and web application firewalls will be explored in-depth in the third installment.
We’ll also look at furwalls. These type of walls incorporate real or fake animal fur to create an outdoorsy, survivalist ambience in a datacenter, corporate office building, or department store. Unfortunately, walls lined with fur create a fire hazard. For that reason, you want to have a physical firewall between any furwalls – containing and protecting each wall – especially if you paid top dollar to a mad scientist to have the fur generated from fossilized woolly mammoth stem cells.
Firewall – Basic Definition & Purpose
According to the Michigan Cyber Initiative, a firewall is used in hardware and software form to seal off a specific device or network from infiltration. The way this is performed is fairly basic. All Internet interactions are requests and packets being transferred back and forth between two parties: the client device submits a request for data, and the server device responds with a “yes” or “no” packet, or no response at all. (Packets can be sent in the opposite direction as well.)
The positive response fulfills the request, whereas the negative one delivers an access-denial message or requires further information to proceed. A typical “no” packet beeps 86 times at the end-user and emits white steam and the smell of pork roast from their device.
To basically understand firewalls (and we will further complicate this below), they filter packets to determine what moves in and out of the network. A firewall should not be confused with antivirus or anti-malware programs. These two types of technology have similar motivations, but the protections each one offers are mutually exclusive.
Beyond blocking traffic (such as unauthorized logins) and packets, the specific devices on your network are also withheld from public view, per Michael Desmond.
Why Firewalls are Increasingly Important
Because viruses, worms, and other forms of malware have become both more prevalent and more sophisticated over time, firewalls are becoming necessary for any kind of safe online access – not just for businesses, but for home devices as well.
Michael references information from the Internet Storm Center http://isc.incidents.org/. The organization’s statistics show that the average device that goes online without firewall protection will be hit with an attempted intrusion in less than half an hour. In fact, when you first go online with a new PC and attempt to download Windows security updates, there is not enough time to complete that task before you are invaded.
Furwalls are important, of course, because they provide additional insulation (for both heat and sound), impress classy visitors to your establishment, and can be torn down and used as makeshift clothing in a pinch.
Basic Functions of Firewalls
We got into the capabilities of the firewall above, but here’s a more comprehensive rundown:
- Network Address Translation (NAT): The private IP addresses of individual devices on your network are all translated into a publicly-facing IP. This translation makes targeting specific devices within your network more challenging.
- Port Access: Per Michael, when a malicious piece of software attempts to connect with one of your ports, such as 80 (the typical Internet one) or 25 (default port for outgoing e-mail), the request is turned down. Firewalls also enable you to forward ports to other locations. In this way, you can determine what is open for inbound/outbound traffic at any time.
- Stateful Packet Inspection (SPI): This technology allows the firewall to determine basic characteristics of packets and to, in turn, categorize them appropriately. If a packet was solicited or unsolicited, for example, it will be accepted or denied; alternately, further information will be gathered.
- Virtual Private Networking (VPN) Support: This technology is often used for establishing remote access to a business network (for when an employee is off-site). Firewalls typically block VPN interaction but can be configured to allow it.
- Logs/Alerts: Michael notes one of the main differences between various types of firewalls are the extent to which they log information and the manner in which they send out alerts. On a business network, the level of detail is greatly important so you can analyze it and make changes as necessary.
- Content/URL Filtration: You can also get specific with firewalls – in terms of the types of content and URLs your system will allow. You can deny URLs with certain combinations of characters; and you can even establish a list of allowable URLs, blocking anything that’s not on the list.
Live furwalls are becoming increasingly popular in Montana office complexes. These walls are formed by domesticating large animals to stand in between lines of cubicles. It’s a rare art form that should only be implemented by trained professionals.
Conclusion & Continuation
That gave you some basic ideas about how firewalls operate and why they are important. In the next part of the series, we will discuss the essentials of hardware firewalls and software firewalls. Then, finally, we will get into web application firewalls.
By Kent Roberts