A firewall, put simply, is a barrier between a secure, trusted internal network and an outside network.
It is defined as a network security system which monitors and controls network traffic based on set security rules. A firewall can help block hackers or malicious software from infiltrating your computer through the internet or a network, as well as stopping your computer from sending malicious software to other computers.
Firewalls can be implemented in hardware, in software, or through a combination of both. Generally, there are two types of firewalls: a network firewall is a software appliance running on hardware that filters traffic between two or more networks, while a host-based firewall is a layer of software on one host that filters traffic on a single computer.
Firewalls date back to the late 1980s, when the Internet was still new in terms of connectivity and usage. The first type of firewall was the packet filter, a filter system first developed by engineers from Digital Equipment Corporation.
The basic technology looked at ‘packets’ which were transferred between computers on the internet. These packets, which are messages transmitted over a packet-switching network, usually contain information about the packet’s source and destination address, protocol and port number.
What layers make up a firewall?
Packets are either rejected or allowed to pass depending on whether the packet’s information passes a set of filtering rules. Packet filtering firewalls worked on the first three layers of the OSI reference model, meaning that the majority of the work was done between the network and physical layers.
This technology has continually developed and evolved into today’s network layer firewalls, also called packet filters. One of a number of common firewall techniques, packet filter firewalls work at a low level of the TCP/IP protocol stack and use an established rule set to block or allow packets passing into the network. Although effective, packet filtering can be susceptible to IP spoofing.
Another common firewall technique is an application gateway, which applies security mechanisms to specific applications such as FTP. A circuit-level gateway, another firewall technique, only applies security mechanisms when a TCP or UDP connection is established. Once a connection has been established, packets can flow without further monitoring or security checks.
Another popular firewall technique is the proxy server, which intercepts all messages in and out of the network. Effectively, the proxy server hides all network addresses.