What Does a Firewall Do? - Explained

September 21, 2016
Understanding the Role of Firewalls in Network Security

It's common knowledge that firewalls are a vital component of security, but the underlying reasons are often unclear. Popular culture frequently mentions firewalls, yet rarely explains their function.

Essentially, a firewall acts as a gatekeeper positioned between a computer, or a local network, and external networks like the Internet.

How Firewalls Control Network Traffic

This gatekeeper’s primary job is to regulate the flow of network traffic, both entering and leaving the system. Without a firewall in place, all network traffic is permitted without inspection.

However, when a firewall is active, it enforces a set of predefined rules. These rules dictate precisely which network traffic is authorized to pass through, and which is blocked.

Network traffic is assessed against these rules, ensuring only permitted communications are established.

Key Functions of a Firewall

  • Traffic Filtering: The firewall examines data packets and allows or denies them based on configured criteria.
  • Access Control: It restricts access to network resources based on source and destination addresses.
  • Protection Against Threats: Firewalls help defend against malicious software and unauthorized access attempts.

Therefore, a firewall is a crucial line of defense in protecting your digital assets. It provides a necessary layer of security in today’s interconnected world.

The Necessity of Firewalls in Computers

Many users today rely on a home router to share an Internet connection across multiple devices. In the past, however, many people plugged their computer's Ethernet cable directly into their cable or DSL modem, connecting the computer straight to the Internet.

A computer linked directly to the Internet possesses a publicly accessible IP address, meaning it is reachable by anyone online. Consequently, any network services running on the computer – including those bundled with Windows for functionalities like file sharing, printer access, and remote desktop – become accessible to other computers across the Internet.

The initial release of Windows XP lacked a built-in firewall. Combined with network services intended for local networks and the practice of connecting directly to the Internet, this resulted in many Windows XP systems being compromised shortly after they were connected.

The introduction of Windows XP Service Pack 2 brought the Windows Firewall, enabling firewall protection by default. This effectively isolated network services from external Internet access. Instead of accepting all incoming connection attempts, a system protected by a firewall rejects them unless specifically authorized.

This measure safeguards against unauthorized connections to local network services on your computer. Furthermore, it regulates access to these services from other devices on your local network. The network type prompt displayed upon connecting to a network in Windows is related to this functionality.

Selecting a 'Home' network configuration permits access to these services, while choosing a 'Public' network denies such access. This distinction allows for tailored security based on the network environment.

Even if a network service is configured to disallow connections originating from the Internet, vulnerabilities within the service itself could potentially be exploited. A carefully constructed request might allow an attacker to execute code on your computer.

A firewall mitigates this risk by intercepting incoming connections before they reach these potentially vulnerable services, acting as a crucial layer of defense. Firewalls are therefore essential for maintaining computer security.

Expanded Firewall Capabilities

Firewalls are positioned as intermediaries between a network, like the Internet, and the computer or local network they are designed to safeguard. While commonly understood as a barrier against unwanted incoming network connections for individual users, firewalls possess a broader range of functionalities. Their strategic placement allows for the inspection of all data entering or exiting the network, enabling informed decisions regarding its handling.

For instance, a firewall can be set up to restrict specific types of outgoing data, or to record network activity for auditing purposes, either only the potentially harmful traffic or all of it.

Firewall Rule Sets

A firewall operates based on a defined set of rules that permit or deny various types of network traffic. These rules can be highly specific, such as allowing connections to a server only from a designated IP address, effectively rejecting all other connection attempts as a security measure.

Firewalls come in diverse forms, ranging from software integrated into operating systems, like the Windows Firewall, to specialized hardware deployed within larger corporate networks.

Corporate-level firewalls can scrutinize outgoing data streams to detect and prevent communication from malicious software. They can also monitor employee network usage and implement traffic filtering policies.

As an example, a firewall might be configured to permit only web browsing traffic, thereby blocking access to other applications.
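The two rule examples above (a server reachable only from one designated IP address, and outbound traffic limited to web browsing) can be modeled as a small rule evaluator. This is an added illustration, not code from the original article or from any firewall product; it assumes first-match-wins ordering with a default-deny policy, and the addresses, ports and the DNS rule are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str        # "allow" or "deny"
    direction: str     # "in" or "out"
    proto: str         # "tcp", "udp" or "any"
    remote: str        # remote network in CIDR form; "0.0.0.0/0" matches any IPv4 peer
    ports: frozenset   # local ports for "in", remote ports for "out"; empty = any port
    log: bool = False  # record a hit on this rule in the audit list

    def matches(self, direction, proto, remote_ip, port):
        return (self.direction == direction
                and self.proto in ("any", proto)
                and ipaddress.ip_address(remote_ip) in ipaddress.ip_network(self.remote)
                and (not self.ports or port in self.ports))

def evaluate(rules, direction, proto, remote_ip, port, audit=None):
    """Return the action of the first matching rule; deny when nothing matches."""
    for rule in rules:
        if rule.matches(direction, proto, remote_ip, port):
            if rule.log and audit is not None:
                audit.append((rule.action, direction, proto, remote_ip, port))
            return rule.action
    if audit is not None:
        # Traffic that falls through to the default policy is always recorded.
        audit.append(("deny", direction, proto, remote_ip, port))
    return "deny"

# Constructed rule set; addresses come from the RFC 5737 documentation ranges.
RULES = [
    # Inbound: remote desktop (TCP 3389) only from one designated address.
    Rule("allow", "in", "tcp", "203.0.113.10/32", frozenset({3389}), log=True),
    # Outbound: web browsing only, plus the DNS lookups browsing depends on.
    Rule("allow", "out", "tcp", "0.0.0.0/0", frozenset({80, 443})),
    Rule("allow", "out", "any", "0.0.0.0/0", frozenset({53})),
]

if __name__ == "__main__":
    audit = []
    print(evaluate(RULES, "in", "tcp", "203.0.113.10", 3389, audit))  # designated host
    print(evaluate(RULES, "in", "tcp", "198.51.100.7", 3389, audit))  # any other host
    print(evaluate(RULES, "out", "tcp", "198.51.100.7", 25, audit))   # non-web outbound
    print(audit)
```

Because nothing is allowed unless a rule says so, forgetting a rule fails closed: the service is unreachable rather than exposed.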

Many home users utilize a router, which inherently incorporates firewall functionality through its NAT (Network Address Translation) feature. This feature effectively prevents unsolicited incoming traffic from reaching devices connected behind the router.
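Why NAT blocks unsolicited incoming traffic can be seen from its translation table: an inbound packet is forwarded only if an earlier outbound connection created a matching entry. The sketch below is an added example, not the article's or any router vendor's code; it assumes a port-translating NAT that filters on the remote address and port and never expires mappings, and all addresses are constructed.

```python
import itertools

class NatRouter:
    """Port-translating NAT: inbound packets need a mapping created by outbound traffic."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)
        # (proto, private_ip, private_port, remote_ip, remote_port) -> public_port
        self._by_flow = {}
        # (proto, public_port, remote_ip, remote_port) -> (private_ip, private_port)
        self._by_public = {}

    def outbound(self, proto, private_ip, private_port, remote_ip, remote_port):
        """Translate a packet leaving the LAN; return the public (ip, port) it appears to come from."""
        flow = (proto, private_ip, private_port, remote_ip, remote_port)
        if flow not in self._by_flow:
            port = next(self._ports)
            self._by_flow[flow] = port
            self._by_public[(proto, port, remote_ip, remote_port)] = (private_ip, private_port)
        return self.public_ip, self._by_flow[flow]

    def inbound(self, proto, remote_ip, remote_port, public_port):
        """Return the private (ip, port) to forward to, or None if the packet is unsolicited."""
        return self._by_public.get((proto, public_port, remote_ip, remote_port))

if __name__ == "__main__":
    router = NatRouter("192.0.2.1")
    # A laptop behind the router opens an HTTPS connection.
    print(router.outbound("tcp", "192.168.1.20", 51000, "198.51.100.7", 443))
    # The server's reply matches the mapping and is forwarded to the laptop.
    print(router.inbound("tcp", "198.51.100.7", 443, 40000))
    # A connection attempt nobody asked for has no mapping and is dropped.
    print(router.inbound("tcp", "203.0.113.99", 50123, 3389))
```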

Image Credit: Firewall Diagram from Wikimedia Commons, ChrisDag on Flickr
